Since the Office of the Inspector General's previous review of TVA's risk program in 2003, TVA has enhanced its Enterprise Risk Management (ERM) capabilities in the following areas: risk identification and assessment; management tone; strategic decision-making support; commitment to ERM staffing; and promotion of an ERM culture. The areas in need of improvement include: linking risks and objectives to effectively identify and prioritize risks, focus discussions, and allocate resources; clearer mapping of likelihood and severity with associated risk; measurement of inherent risk to identify critical risks with a higher need for monitoring; role of the Board and executive management in defining risk tolerance which is policy driven; a formal, comprehensive risk policy approved by the Council and Board; and increased reporting and discussions of ERM with the Board. We recommended TVA address the areas needing improvement. Management generally agreed and is taking or plans to take appropriate action.
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Tennessee Valley Authority | TVA Enterprise Risk Management | Audit | Agency-Wide | View Report | |
| Federal Labor Relations Authority | 2008 Federal Labor Relations Authority's Inspector General FISMA Evaluation | Inspection / Evaluation | Agency-Wide | View Report | |
| Railroad Retirement Board | Evaluation of Information Security at the Railroad Retirement Board's Financial Interchange Major Application - Abstract | Audit | Agency-Wide | View Report | |
| Department of the Treasury | INFORMATION TECHNOLOGY: 2008 Evaluation of Treasury's FISMA Implementation for Its Non-Intelligence National Security Systems (Sensitive But Unclassified) | Audit | Agency-Wide | View Report | |
| Department of the Treasury | INFORMATION TECHNOLOGY: Federal Information Security Management Act Fiscal Year 2008 Performance Audit | Audit | Agency-Wide | View Report | |
| Department of the Treasury | PRIVATE COLLECTION AGENCIES: Linebarger, Goggan, Blair & Sampson, LLP, Needs to Improve Compliance with FMSs Debt Compromise Requirements | Audit | Agency-Wide | View Report | |
| Department of the Treasury | PRIVATE COLLECTION AGENCIES: Pioneer Credit Recovery, Inc., Needs to Improve Compliance with FMSs Debt Compromise Requirements | Audit | Agency-Wide | View Report | |
| Nuclear Regulatory Commission | Independent Evaluation of NRC's Implementation of the Federal Information Security Management Act for Fiscal Year 2008 | Inspection / Evaluation | Agency-Wide | View Report | |
| Nuclear Regulatory Commission | Audit of NRC's Enforcement Program | Audit | Agency-Wide | View Report | |
| AmeriCorps | Status of the Corporation’s Implementation of Homeland Security Presidential Directive/HSPD-12 | Inspection / Evaluation | Agency-Wide | View Report | |
