Enterprise Risk Assessment at IRS

In May 2021, Chief Risk Officer (CRO) Thomas Brandt served as the featured guest presenter on an APQC financial management webinar to discuss the organization’s enterprise risk assessment process. Brandt provided information and insights about:

• the organization’s governance and operational structures for ERM;
• ERM resources and tools provided to each business unit for risk assessments; and
• how business unit-level risk assessments roll up to the enterprise level to form an enterprise risk profile.

At the IRS, ERM is truly an enterprise-wide effort. In addition to describing the tools and templates that business units leverage for ERM, Brandt shared insights about the collaborative discussions and risk assessment practices that ensure broad participation in risk assessment.

This case study is a follow up to a case study on IRS’s ERM process published by APQC February 22, 2021, as part of APQC’s Evolving Practices in Enterprise Risk Management research project. Whereas the February 2021 case described the overarching ERM program at the IRS, this case will delve more into the organization’s enterprise risk assessment process.