We are continuously looking for new ways to deliver on our mission to provide value and savings in real estate, acquisition, technology, and other mission- support services across the government. Using a cross-enterprise perspective, we identify the most complex and interconnected risks to mission execution. This collaborative process empowers our leaders to strategically allocate resources, helping the agency to stay ahead of emerging risks.
We identify risks to the agency’s most critical activities by administering a risk survey, followed by interviews to collect information from key employees on their perception of risk to the organization. The results are captured in our Enterprise Risk Profile and used to identify areas for improvement or strategic opportunities.
In 2022, our Enterprise Risk and Strategic Initiatives Board strengthened the agency’s enterprise risk approach. This governance body translates enterprise-level risk strategies into actionable initiatives and implements sound risk management principles across our functions and programs. In its first year, the board has identified and begun to address complex, interconnected, and distributed risks to mission delivery.
Current focus areas for enterprise risk management efforts include:
- Supply chain disruptions — As the federal government’s leading provider of acquisition services and schedules, we work closely with thousands of suppliers. We recognize the threat posed by supply chain disruptions and have worked with partners to mitigate the effect of those disruptions on mission execution. Our Supply Chain Risk Management Executive Board, a governance body established in 2020, prioritizes policies, processes, and oversight to continually identify, monitor, and manage potential supply chain risks.
- Rapidly evolving workforce skill needs — The aftermath of the COVID-19 pandemic and economic challenges have resulted in changing real estate needs, supply chain disruptions, and a dynamic technology landscape to modernize federal operations. We are having to adapt to provide new services and delivery models to meet customer needs. These demands require us to identify, acquire, and develop new skills and competencies that will enable us to deliver on our mission years into the future.
- Changes to the federal real estate portfolio — We manage over 8,300 real estate assets that provide workspace for nearly 1 million federal employees. During the COVID-19 pandemic, agencies leveraged telework to help maintain operations. As agencies return to facilities, the demand for leased and owned space will potentially decline as agencies maximize the use of hybrid work operations, resulting in increased vacant space in our portfolio. We are working with customers to better understand their future space requirements, identify possible opportunities to reduce or consolidate space, and develop alternative workspace solutions to meet evolving customer needs. We are also seeking expanded access to funds that are needed to maintain our federal assets in a good state of repair; this supports long-term efforts to right-size and modernize our real estate portfolio.
- Climate adaptation responsibilities — Customer agencies are increasingly asking us for guidance, resources, and other forms of assistance regarding risks from the observed and expected changes in climate. As highlighted in the Climate-Related Financial Risk section of this Agency Financial Report, we have undertaken an internal climate vulnerability assessment to further evaluate the vulnerabilities of supply chain, real estate, and other key agency services. The assessment will inform the development of strategies for us to help customer agencies address organizational, physical, and fiscal risks posed by climate change.
- Advancing to zero trust — We are working to improve cybersecurity identification, deterrence, and protection against malicious actions and actors by implementing a zero trust architecture to the extent possible within existing Working Capital Fund resources and investment from the Technology Modernization Fund. However, we will require dedicated resources to fully achieve this goal and is considering long-term options to invest in a zero trust architecture and mitigate the ever-growing risk of cyberattacks.
Each of the risks described above, if not effectively managed, has the potential to disrupt our ability to meet our organizational objectives and execute our mission. Engaged leadership and an increased willingness to work across business units to manage risk promotes transparency and cultivates a proactive response to emerging threats. By monitoring critical risks, we can effectively allocate resources to mitigate those risks and strengthen operations, ultimately maximizing value to customer agencies and taxpayers.