COVID-19 wasn’t the first crisis to spark interest in remote work solutions but it is the first to serve as a catalyst for indefinite remote work for many public sector agencies. However, with expanded work-from-home solutions comes a more prominent digital footprint, opening the door for risk that’s best managed through effective enterprise risk management (ERM).
Agencies began recognizing the importance of remote work in the years following 9/11 and the anthrax attacks. In fact, in 2004 Congressman Tom Davis explained that, “[W]e now realize that telework needs to be an essential component of any continuity of operations plan. Something we once considered advantageous and beneficial has evolved into a cornerstone of emergency preparedness.”
Years later, under the Obama Administration came the Telework Enhancement Act of 2010, positioning remote work as a way to instill work-life balance for federal employees while enabling agencies to continue meeting mission objectives. Since then, regulations surrounding agency telework capabilities have become stricter, particularly in this past year – up until the outbreak of COVID-19.
And now as the country experiences a spike in COVID-19 cases, remote work for federal agencies remains indefinite, challenging not only an agency’s ability to accommodate their employees, but also their risk management processes. To mitigate risk as remote work continues and expands, agencies need effective ERM.
According to a whitepaper by RSA, “Decentralized organizational structures, multiple tools, and various processes and systems make it difficult to see a clear and consistent risk picture across the organization. Additionally, the number, complexity, and velocity of risks are increasing [including those that come as a result of remote work], and the speed at which these risks emerge means organizations have less time to effectively respond.”
However, once an agency implements effective ERM they open the door for myriad benefits. It enables greater visibility into agency risk and internal controls and ultimately empowers stakeholders to make better decisions that align with agency missions. Additionally, organization-wide adoption of effective ERM allows for consistent dialogue across the entire agency.
Effective ERM also helps to establish accountability, consistency, and lessens losses and incidents. Moreover, effective ERM impacts one of the most critical aspects of any agency, finances. With mission aligned ERM in place, agencies have insight into future costs issues and are able to reduce, and even avoid, anticipated costs by making necessary changes brought to light by effective ERM.
“In today’s digital landscape, especially now that greater teleworking initiatives are being implemented, agencies must be able to continue meeting their missions with security at the forefront,” explained Dan Carayiannis, public sector director for RSA Security. “The key is to gain a clear, consolidated view of risk, once the agency’s environment is understood, and then mitigate, and continuing mitigating as the landscape evolves.”
The rapid adoption and migration that has and will continue as a result of the public sector’s indefinite move to telework highlights many vulnerabilities. What agencies need is effective ERM. In doing so, safety isn’t compromised, losses and incidents are lessened, and agencies can continue meeting the mission and serve their constituents.
Ready to learn more? Click here.