A survey by Guidehouse and the Association for Federal Enterprise Risk Management has found that cybersecurity and privacy continue to top the list of risks that federal agencies anticipate to have the greatest impact on the strategic objectives of their organizations in the next three to five years.
The 2023 survey found an increase in the integration of enterprise risk management with budgetary processes, execution and other key management processes and that 62 percent of federal government leaders intend to have continued focus on risk appetite over the next year, Guidehouse said Tuesday.
“Agencies continue to consider human capital – employee retention, morale and engagement – cybersecurity and supply chain risks as emerging risks that should be included in agency risk profiles. In addition, 37% of respondents believe that within 3 years environmental and social issues will generate significant risks for their Agencies,” said Kate Sylvis, ERM leader at Guidehouse.
“We continue to see Federal agencies improving integration of ERM with organizational processes, developing risk appetite and enhancing culture around risk,” added Sylvis.
According to the study, over 90 percent of federal government leaders indicated that their agencies have updated their risk appetite statements in the last three years and 54 percent said their organizations have defined risk appetite statements.