Continued focus on navigating cybersecurity, operational, and compliance risks; Human capital risks expected to have greatest impact in next 3-5 years

WASHINGTON, Oct. 27, 2022 /PRNewswire/ -- For the eighth consecutive year Guidehouse, a leading global provider of consulting and managed services to public sector and commercial clients, and the Association for Federal Enterprise Risk Management (AFERM) have collaborated to survey Federal government professionals for their insights into the current state of Enterprise Risk Management (ERM) in their organizations.

Results of the 2022 survey, which is designed to provide federal leaders with perspective on the current state and trends of ERM in the U.S. Federal Government, show Federal government leaders have continued to focus on navigating the unknowns that matter, with cybersecurity/privacy, operational/programmatic, and compliance risks topping the list of risk types that capture the most attention and allocation of resources from management.

For the fifth year in a row, "cyber security/privacy" was identified as the top risk area currently receiving the greatest management attention. It also tops the list of risks Federal agencies believe have the greatest current impact on strategic objectives. However, for the first time since it was added as an option to the survey in 2018, "human capital" unseated "cybersecurity/privacy" to take the top spot on the list of risks anticipated to have the greatest impact in the next 3-5 years.

"This year, survey respondents were asked what emerging risks should be included in agency risk profiles and the top responses related to human capital - employee retention, morale, and engagement - and cybersecurity. In addition, a third of respondents believe that within 3 years environmental and social issues will generate significant risks for their Agencies," said Kate Sylvis, ERM Lead at Guidehouse. "We continue to see Federal agencies exhibiting overall ERM performance levels reflective of an emerging capability – and expanding incremental positive trends related to effectiveness, integration, culture, and risk appetite."

A significant finding according to this year's report, released at AFERM's 15th Annual ERM Summit, is that nearly 90% of respondents indicated their risk appetite statement has been updated within the past three years. Additional notable findings include:

Integration of ERM with other management processes increased this year , but significant opportunities exist to improve outcomes by enhancing integration of ERM with strategy, performance, and budget activities.

For the second year in a row, "tone at the top, executive support for risk management" took the top spot for most impactful improvement area for organizations to respond to current and anticipated risks.

While culture and leadership-related challenges continue to be prominent barriers facing organizations attempting to establish and maintain a formal ERM program, budget limitations appear to be a rising concern to ERM programs . This year, most respondents reported their budgets either stayed the same (65%) or decreased (6%) in the past year.

Use of enterprise Governance Risk & Compliance (eGRC) tools is growing in the Federal ERM community, with 12% of respondents indicating they use an eGRC tool as their primary tool for tracking enterprise risk data, which is the highest level of adoption to date.

To access the 2022 Survey results and for more information, please click here.

