The Office of Inspector General (OIG) initiated this review based upon an assessment of program risks. Our objective was to review the U.S. AbilityOne Commission’s (Commission) enterprise risk management (ERM) program to assess its maturity level, which will provide the Commission with an overall understanding as to where its current ERM program stands.
To answer our review objective, we 1) reviewed laws, regulations, policies, and procedures applicable to the ERM implementation, 2) conducted interviews with key personnel, 3) surveyed Commission leadership and staff to gain their perspectives of the Commission's ERM program for a more comprehensive view of the ERM program maturity, and 4) analyzed data, reports, and other supporting documentation related to ERM. We conducted this review in accordance with the Quality Standards for Inspection and Evaluation issued by the Council of Inspectors General on Integrity and Efficiency.
There are five levels in the model we used to assess the Commission’s ERM program. The OIG assessment determined that the Commission’s ERM program maturity is between level 2, emerging, and level 3, integrated. By conducting its own internal maturity assessment, it can periodically identify gaps in its ERM program and develop plans to mature the program, as necessary.
The OIG has no specific recommendations associated with this report.