book

Enterprise Risk and Opportunity Management

Name: Enterprise Risk and Opportunity Management
Author: Dr. Allan S. Benjamin
ISBN: 9781119288428

by Dr. Allan S. Benjamin

February 2017

Intermediate to advanced

360 pages

7h 52m

English

Wiley

Read now

Unlock full access

Cover
Title Page
Copyright
Figures
Tables
Preface
Introduction
Chapter 1: An EROM Primer for Organizations Concerned with Technical Research, Integration, and Operations (TRIO Enterprises)
1.1 EROM Scope and Objectives for TRIO Enterprises1.2 EROM Definitions and Technical Attributes for TRIO EnterprisesNotesReferences
Chapter 2: Coordination of EROM with Organizational Management Activities
2.1 The Executive, Programmatic, and Institutional/Technical Management Functions and Their Interfaces2.2 EROM-Relevant Management Activities2.3 Coordination of EROM with Management Activities2.4 Communication across Extended Partnerships2.5 Contribution of EROM to Compliance with Federal Regulations and DirectivesNotesReferences
Chapter 3: Overview of EROM Process and Analysis Approach
3.1 Organizational Objectives Hierarchies3.2 Populating the Organizational Objectives Hierarchies with Risk and Opportunity Information3.3 Establishing Risk Tolerances and Opportunity Appetites3.4 Identifying Risk and Opportunity Scenarios and Leading Indicators3.5 Specifying Leading Indicator Trigger Values and Evaluating Cumulative Risks and Opportunities3.6 Identifying and Evaluating Risk Mitigation, Opportunity Exploitation, and Internal Control OptionsNotesReferences

Chapter 4: The Development and Utilization of EROM Templates for Performance Evaluation and Strategic Planning
4.1 Overview4.2 Demonstration Example: The NASA Next-Generation Space Telescope as of 20144.3 Example Objectives Hierarchies4.4 Risks, Opportunities, and Leading Indicators4.5 Example Templates for Risk and Opportunity Identification and Evaluation4.6 Example Templates for Risk and Opportunity Roll-Up4.7 Example Templates for the Identification of Risk and Opportunity Drivers, Responses, and Internal Controls4.8 Upward Propagation of Templates for Full-Scope EROM Applications4.9 Application of the Templates to Organizational Planning and the Selection from among Alternative Candidate PortfoliosNotesReferences
Chapter 5: Management and Implementation of EROM at the Institutional/Technical Level (Technical Centers or Directorates)
5.1 EROM from a Technical Center's Perspective5.2 Extended Enterprises and the Technical Center's Extended Organization5.3 EROM-Informed Budgeting of Resources across a Technical Center's Extended OrganizationReferences
Chapter 6: Special Considerations for EROM Practice and Analysis at Commercial TRIO Enterprises
6.1 Overview6.2 Risk and Opportunity Scenarios and Leading Indicators6.3 Controllable Drivers, Mitigations, Actions, and Internal Controls
Chapter 7: Examples of the Use of EROM Results for Informing Risk Acceptance Decisions
7.1 Overview7.2 Example 1: DoD Ground-Based Midcourse Missile Defense in the 2002 Time Frame7.3 Example 2: NASA Commercial Crew Transportation System as of 20157.4 Implication for TRIO Enterprises and Government AuthoritiesReferences
Chapter 8: Independent Appraisal of EROM Processes and Results to Assure the Adequacy of Internal Controls and Inform Risk Acceptance Decisions
8.1 Background8.2 Queries for an Independent Appraisal of EROM in the Contexts of Internal Control and Risk AcceptanceReferences
Chapter 9: Brief Overview of the Potential Integration of EROM with Other Strategic Assessment Activities
9.1 Technical Capability Assessment (TCA)9.2 Strategic Annual Review (SAR)9.3 Portfolio Performance Review (PPR)References
Chapter 10: An Integrated Framework for Hierarchical Internal Controls
10.1 Internal Control Principles and the Integration of Internal Control, Risk Management, and Governance10.2 Methodological Basis10.3 Examples10.4 Incorporation of Internal Control Principles into the Control Loop Approach10.5 Summary of ObservationsNoteReferences
Appendix A: Acronyms
Appendix B: Definitions
About the Companion Website
About the Author
Index
End User License Agreement

Content preview from Enterprise Risk and Opportunity Management

Chapter 10An Integrated Framework for Hierarchical Internal Controls

10.1 Internal Control Principles and the Integration of Internal Control, Risk Management, and Governance

This chapter explores how internal controls for TRIO organizations can be fully integrated with enterprise risk and opportunity management (EROM). It provides an extension and follow-up to earlier sections in this book (notably Sections3.6 and 4.7) and is intended to be responsive to the recently issued requirements of the Office of Management and Budget (OMB) in Circular A-123 (OMB 2016) concerning EROM and internal controls. It also recommends innovative approaches that exceed the minimum OMB requirements in several areas.

In a nutshell, the following key principles for internal controls are advocated in this book:

Internal controls should be derived from the organization's strategic objectives, tactical objectives, and core standards of operation and from considerations of the risk and opportunity drivers that affect the organization's ability to meet those objectives and standards.
The drivers are determined from the factors that most significantly affect aggregate risks and opportunities rather than just from individual risks and opportunities.
The identification and evaluation of internal controls focus largely on protection of the assumptions and/or correction of the actual and potential weaknesses that need to be addressed for the aggregate risks and opportunities to be effectively and efficiently ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781119288428Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Enterprise Risk and Opportunity Management

by Dr. Allan S. Benjamin

Chapter 10An Integrated Framework for Hierarchical Internal Controls

10.1 Internal Control Principles and the Integration of Internal Control, Risk Management, and Governance

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.