Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
Three lessons in risk management
Thursday - 2/16/2012, 9:45am EST
Webster is presenting at the AGA National Leadership Conference Thursday. He shared his top three takeaways from his presentation:
- Tone must be set from the top.
"If the leader doesn't set the right tone at the top, particularly from an enterprise level, it's very difficult, if not even impossible, to have effective risk management at an enterprise level," Webster said.
- Risk is "vastly more" than compliance and internal controls.
The idea of risk management is not new, Webster said, but the need to incorporate risk management into the decisionmaking process is "greater than it's ever been." Managers must consider the external environment, such as budget challenges, he said.
- Link risks to achieving specific objectives
Managers usually consider risk later in the process, but it should be part of the goal-setting, Webster said.
"Without that kind of meaningful relationship to objectives and performance, risk doesn't really get a seat the table," he said.
He pointed to the Defense Logistics Agency as an example of an agency that has implemented enterprise-wide risk management.