Transcript Strategic Analysis Campaign Strategy
Enterprise Risk Management at the Department of Energy (DOE)
Office of Chief Financial Officer Office of Internal Review May 13, 2009
Recovery Act DOE Funding and Impact
Recovery Act Funding vs. FY09 Current Appropriation
20 18 16 14 12 10 4 2 8 6 0 $6,0 $16,8 $0,4 ARPA-E $1,6 $3,4 $1,1 Office of Fossil Energy $6,0 $6,0 $4,5 $4,8 $2,2 $0,1 Office of Electricity Delivery & Energy Reliability Office of Science Loan Guarantee Program Office of Environmental Management Office of Energy Efficiency and Renewable Energy FY09 Current Approp. ($14.2B) Recovery Act ($38.7B)
Enterprise Risk Management at the Department of Energy (DOE)
2
Office of Management and Budget (OMB) Requirements The American Recovery and Reinvestment Act of 2009 (Recovery Act) will usher in additional accountability and transparency requirements for agencies receiving stimulus funding.
Program offices receiving stimulus funding will have to:
Meet new compliance and reporting requirements
Assess the impact of existing process control risks
Manage new risks from stressed processes
Prepare for future oversight reviews Enterprise Risk Management at the Department of Energy (DOE)
3
Corporate Accountability Model
DOE-Wide Control & Accountability
•
Funds Management
•
Cost Management
•
Acquisition Management
•
Grants Administration
•
Loan Administration RISKS Controls Internal Process Controls Recovery Act Funding Regular Funding
•
Planning Guidance
•
Cost and Schedule
•
Metrics
•
Reporting Management Enterprise Risk Management at the Department of Energy (DOE)
4
The DOE Oversight Model has been updated to adhere to Recovery Act requirements
Expand Outreach and Coordination Monitor Planning and Reporting
Stakeholders Programs Field Offices Corporate Guidance Reporting Standards Internal Review Execution Monitoring OMB IG - GAO Validating Outcomes
Vulnerability Assessments & Risk Management Plans Evaluate Key Controls
Chief Financial Officer
Identifying Issues
Establish Recovery Act Assurance Processes HQ Risks Field Controls Contractor Enterprise Risk Management at the Department of Energy (DOE)
5
The Current Risk Management Approach: Targeted Risk Mitigation
Codes to track Recovery Act projects and funding
CFO internal control liaison to each affected program and business office
Up front “Acknowledgement of Management’s Accountability for Internal Control” and Year-end Recovery Act assurance statement
DOE-wide assessments of key process controls
High level, cross-cutting vulnerability assessments for each program by CFO
Ad hoc vulnerability assessments and risk mitigation plans
Coordination with the Inspector General and the Government Accountability Office
“Training Flashes” for selected cross-cutting vulnerability areas Enterprise Risk Management at the Department of Energy (DOE)
The Targeted Risk Mitigation Approach marks a Strategic Cultural Change within the DOE
Internal Controls and Risk Management to Permeate the Organization Clear Presidential, Secretarial, and Public Mandate Leadership Provides and Enforces Consistent Tone from the Top Open Communications and Cooperation Educate and Motivate to Action
An accountant is having a hard time sleeping and goes to see his doctor: "Doctor, I just can't get to sleep at night.“ “Have you tried counting sheep?“ "That's the problem - I make a mistake and then spend three hours trying to find it."
Enterprise Risk Management at the Department of Energy (DOE)
The Current Risk Management Approach: Risk Assessment
Identified and communicated key risks and vulnerabilities to staff through office-specific placemats
Performed more detailed project level risk assessments
Educated staff on Recovery Act compliance through webinars
Planned and executed site visits Enterprise Risk Management at the Department of Energy (DOE)
Compliance and Accountability with the Recovery Act
Sample Recovery Act Assurance Statement
“Based on the results of operations and related assessments over Recovery Act funding, I am providing reasonable assurance that the following key Recovery Act objectives have been met for all activities under my cognizance: Recovery Act funding has been expended for the intended purposes and in accordance with internal and external guidance; Reported results regarding the expenditure of funds and the outcomes achieved are accurate and verifiable; and Process controls impacting the execution of Recovery Act funding have been evaluated and are deemed effective.”
Enterprise Risk Management at the Department of Energy (DOE)
9
Questions?
“We cannot overstate the importance of this effort. We are asking the American people to trust their government with an unprecedented level of funding to address the economic emergency. In return, we must prove to them that their dollars are being invested in initiatives and strategies that make a difference in their communities and across the country. Following through on our commitments for accountability and openness will create a foundation upon which we can build as we continue to tackle the economic crisis and the many other challenges facing our nation.”
President Obama in a Memorandum to Heads of Departments and Agencies February 9, 2009 Enterprise Risk Management at the Department of Energy (DOE)
10