Journey Towards Implementing Enterprise Risk Management at Federal Student Aid
Cynthia Vitters | Director
Department of Education – Federal Student Aid
Federal Student Aid (FSA) Overview
• FSA is a principal office of the United States Department of Education responsible for administering the federal Title IV student loan portfolio
• In FY14, FSA operated on an annual administrative budget of approximately $1.4B
• Current outstanding loan portfolio is over $1.1T
• FSA is staffed by over 1,200 full-time employees and augmented by thousands of contractors and vendors
• Workforce is based in Washington, D.C., with ten regional offices located throughout the country
• FSA was designated as the Federal government’s first Performance-Based Organization (PBO) in 1998
History of ERM at FSA
• Established an ERM Framework in 2004
• COSO-Based Framework
• First Formally Appointed Chief Risk Officer in the Federal Government
• First Formally Established Enterprise Risk Management Office in the Federal Government
• Expanded FSA’s ERM Framework in 2010
• Expanded Risk Management Office Structure
• Formalized Risk Management Committee/Meetings to Include Operating Committee Members
• Our Mission is to Proactively Identify, Assess, and Report Enterprise-Level Risks, and to Collaboratively Manage those Risks with FSA Executives, in Order to Support the FSA Enterprise in Achieving its Objectives
Risk Management Office Structure - Then
Enterprise Performance Management Services Group
Project Management & Oversight Group
Enterprise Risk Management Group (Chief Risk Officer)
Chief Operating Officer
Acquisitions Group
Strategic Planning & Reporting Group
Risk Analysis & Reporting
Internal Review
Risk Management Office Structure - Now
Audit Liaison Group
Risk Management Office (Chief Risk Officer)
Internal Review Division
Risk Analysis & Reporting Division
Chief of Staff
Chief Operating Officer
FSA’s Customized COSO-Based ERM Framework
VII. Monitoring
VI. Information & Communication
- Key Management Report Monitoring
V. Control Activities
IV. Risk Response - Risk Mitigation, Risk Transfer/Sharing, Avoidance
III. Risk Assessment - Alignment of Assurance & Oversight Functions
II. Event Identification - Business Unit Facilitated Risk Assessment
- Issues Identification & Independent Validation Process
I. Control Environment - Understanding end-to-end process (inclusive of relationships with schools, vendors, GAs)

- Issues Resolution / Continuous
- Executive Dashboard
- Alignment of All Internal Risk / Compliance Oversight

Note: Ongoing objective setting embedded in overall process.