The U.S. General Services Administration (GSA) is continuously looking for new ways to deliver on its mission to provide value and savings in real estate, acquisition, technology, and other mission- support services across the Government. Using a cross-enterprise perspective, GSA identifies the most complex and interconnected risks to mission execution. This collaborative process empowers agency leaders to strategically allocate resources, allowing the agency to stay ahead of emerging risks.
GSA identifies risks to the agency's most critical activities by administering a GSA Risk Survey, which collects information from key GSA employees on their perception of risk to the organization. The survey results are captured in GSA's Enterprise Risk Profile and used to identify opportunities for improvement.
In 2021, GSA further strengthened the agency's enterprise risk culture by establishing the Enterprise Risk and Strategic Initiatives Board to serve as the governance body for translating enterprise-level strategies into actionable initiatives and implementing sound risk management principles across GSA functions and programs. The board will be responsible for identifying and addressing complex, interconnected, and distributed risks to mission delivery.
Current focus areas for enterprise risk management efforts include:
- Cybersecurity — Cybersecurity is one of the most critical aspects of GSA's information technology (IT) program. Cyber attacks and security vulnerabilities have the potential to bring down mission-critical systems and IT infrastructure. To mitigate these threats, GSA is shifting its focus beyond compliance to operational security and identifying and managing capability gaps. Continuous monitoring and review are in place to protect GSA's systems from hackers and other cyber attacks.
- Human Capital — The technical nature of GSA's work offers unique challenges to recruiting, developing, and retaining top talent. GSA will continue to seek innovative solutions to develop and grow its workforce while identifying opportunities for performance and process improvement across the enterprise.
- GSA-Managed Real Estate Portfolio — GSA manages over 8,300 assets that house nearly 50% of the total Federal civilian workforce. During the COVID-19 pandemic, agencies leveraged telework to help maintain operations. As Agencies return to facilities, the demand for leased and owned space will likely decline, as agencies maximize the use of hybrid work operations resulting in increased vacant space in GSA's portfolio. GSA will work with customers to better understand their future space requirements; identify possible opportunities to reduce or consolidate space; and develop alternative workspace solutions to meet evolving customer needs. This presents GSA with an opportunity to work with agencies to right-size the Federal footprint. Funding to make needed investments in Federally-owned facilities is essential to capitalize on this opportunity. When GSA's appropriation for capital investment in real estate is less than the spending authority requested, it limits GSA's ability to allocate resources for critical repairs, improvements, and space conversions across its real estate portfolio. GSA will seek to secure funds requested in the President's budget. The funds are needed to maintain GSA-controlled Federal assets in a good state of repair and support long term efforts to right-size and modernize GSA's real estate portfolio.
- Supply Chain Risk Management (SCRM) — GSA recognizes strong potential for supply chain disruptions as a result of the COVID-19 pandemic and has worked with partners to mitigate the effect of those disruptions on mission execution. GSA has established an SCRM Executive Board to both improve capabilities and practices across GSA, as well as continually identify, monitor, and manage future supply chain risks.
- Legacy Database Technologies — Reliance on proprietary legacy technologies adversely affects operational flexibility and increases costs for GSA. To reduce the negative effects, GSA is using the Technology Modernization Fund to support a multi-year transformation effort. GSA is shifting from proprietary to open source databases, which will simplify integrations with other systems. This will help applications achieve greater flexibility in their system architecture while improving resilience, scalability, maintainability, and performance.
Each of the risks described above, if not effectively managed, has the potential to disrupt GSA's ability to meet its objectives and execute its mission. Engaged leadership and an increased willingness to work across business units to manage risk promotes transparency and helps develop a proactive risk and opportunity culture. Ensuring that critical risks are monitored by leveraging qualitative and quantitative information allows GSA to effectively align investments to mitigate key risks and strengthen operations, ultimately maximizing value to customer agencies and taxpayers.