Program & Schedule
Wednesday, June 15, 2022 | 8:30 a.m. - 5:00 p.m. ET | 7 CPEs
Washington, DC Convention Center | Room 147 AB
8:30- 9:00 a.m.
Check in and Welcome Coffee
9 - 9:10 a.m.
9:10 - 10:00 a.m.
W100: Trust in Government and Enterprise Risk Management
- Tom Brandt, Chief Risk Officer, FRTIB
M: Bert Nuehring, Partner, Crowe
10 - 10:50 a.m.
W101: Integrating Internal Controls over Reporting and ERM
OMB Circular A-123 has required federal agencies to implement control activities to achieve assurances that internal controls and processes that support overall data quality contained in agency reports are effective, thus focusing on internal controls over reporting (ICOR) to cover both financial and nonfinancial reporting objectives. This session will discuss how agencies can align the requirements of OMB Circular A-123 to integrate ERM processes and ICOR to go beyond controls over financial statements to controls that impact management and external stakeholder decision making across the agency’s enterprise.
- Donald Holzinger, Assistant Director, Risk Management and Assurance Division, U.S. Department of Homeland Security
- Gretchen Verrey, Internal Review and Compliance Division Director, U.S. Department of the Navy
- Mike Wetklow, Deputy CFO and Division Director for Financial Management, National Science Foundation
M: Andreia Bodale, Director, Guidehouse
10:50 - 11:10 a.m.
11:10 a.m. - Noon
W102: Integrating Cybersecurity with ERM
Integrating cybersecurity-related activities with enterprise risk management capabilities can help agencies achieve their mission. This session will highlight the need for integrating cybersecurity information with organizations’ ERM activities and existing risk registers. We will discuss steps that agencies can take to build collaboration and information sharing between the disciplines to support the agency mission and strategic goals.
- Matt Barrett, COO, CyberESI
M: Doug Webster, Senior Advisor, TFC Consulting
Noon - 1:00 p.m.
W103: Table Discussions
1:00 - 1:45 p.m.
1:45 -2:35 p.m.
W104: How ERM and IGs Collaboration on Enterprise Risk Can Promote Accountability and Effective Outcomes
In December 2021, the Office of Management and Budget (OMB) released a new memorandum (M-22-04) that encouraged greater cooperation and collaboration between Agency Leadership and Inspectors General. The memorandum details seven practices that serve as guidelines to enhance this engagement. One of those practices compels agencies to utilize ERM practices to identify risks associated with achieving program results and to have discussions about those risks with their respective IGs. This session will discuss the OMB guidance, what prompted it, and how agency risk managers and IGs can collaborate to promote greater accountability and effectively manage risks.
- Nicole Angarella, Acting Deputy Inspector General, USAID
- Mark Greenblatt, Inspector General, U.S. Department of the Interior
- Reggie Mitchell, Chief Financial Officer, USAID
M: Ann Barr, Specialist Executive, Deloitte
2:35 -3:25 p.m.
W105: Integrating ERM with Enterprise-wide Activities: ERM as a Customer and Supplier within the Agency
The Enterprise Risk Management function serves a unique role in both providing and consuming risk data within federal agencies. As a supplier, ERM provides the risk profile but also should support the strategic, budgeting, and operational decision systems of an agency. ERM also draws from other enterprise-wide processes that relate to risk, such as FISMA or ICOFR programs that provide risk data but frequently live outside the Risk Office jurisdiction. This session will discuss how to balance the role of consumer and supplier of risk information and avoid common pitfalls in coordinating risk information.
- David L. Fuller II, J.D., Supervisory Management Analyst, National Institutes of Health
- Susana Guajardo, Performance Management Lead, U.S. Department of the Navy
M: Chris Du, Manager, KPMG
3:25 - 3:45 P.m.
3:45 - 4:45 p.m.
W106: Table Discussions on ERM Workshop
4:45 - 5 p.m.
Questions? Contact firstname.lastname@example.org.