AFERM Risk Chats

Welcome to Risk Chats, AFERM’s podcast that focuses on Enterprise Risk Management (ERM) in the Federal space. Candid insights and perspectives from some of the U.S. Government’s most recognized Chief Risk Officers and Risk Management professionals.

Episode 48: RPA Risks

On this episode we speak with George Fallon, Wayne Liu and Brendon Bowers from RMA about an article they wrote for the AFERM Newsletter about risk associated with Robotic Process Automation (RPA)…along with some opportunities.

Episode 47: Fraud Risk Management Guide Update

On this special dualcast with AGA, we speak with Dave Cotton about the upcoming update to the Committee of Sponsoring Organizations (COSO) of the Treadway Commission/Association of Certified Fraud Examiners (ACFE) Fraud Risk Management Guide (FRMG) originally published in 2016.

Check out the following links mentioned in the podcast:

Episode 46: ERM at the Treasury

On this episode, Paul and Tal chat with Karen Weber from the Department of the Treasury, and Nicole Puri at the Bureau of the Fiscal Service about ERM at the Treasury!

Episode 45: ERM at the CFPB

On this episode, we chat with Marianne Roth, CRO at the Consumer Financial Protection Bureau. We discuss CFPB’s ERM journey, current administration priorities and next steps for the organization’s risk program.

Episode 44: 2021 AFERM Summit Preview

On this episode Marianne Roth and Nicole Puri give us a preview of what’s in store for the 2021 AFERM Summit. The Summit takes place October 26 – 27 and you can register now at!

Episode 43: Integrated Risk Management

Join Paul and Tal as they chat with Simone Reba and Dan Featherly about Integrated Risk Management (IRM)!

Episode 42: ERM Standards

Doug Webster
Doug Webster
Ken Fletcher
Ken Fletcher

Join us as we speak with members of the AFERM committee to develop ERM standards for the federal government, Doug Webster, Daniella Datskovska and Ken Fletcher. Based on feedback from the federal ERM community, the term “ ERM Standard” used in this podcast is being reconsidered. The group is working with the AFERM Board to determine the best way to refer to the outcome of this project.

Episode 41: Integrating Cybersecurity and ERM

Bernice Harvey
Bernice Harvey

In this episode we speak with Tony Wang and Bernice Harvey about the recent NIST publication, Integrating Cybersecurity and Enterprise Risk Management (ERM): NISTIR 8286. See the guidance here:

Episode 40: RIMS-CRMP-FED Certification

Curtis McNeil
Curtis McNeil
Denise Osorio
Denise Osorio
Cynthia Vitters
Cynthia Vitters

On this episode we discuss the RIMS-CRMP-FED certification for government risk managers! Joining us are Denise Osorio from RIMS, Cynthia Vitters from Deloitte, Darlene Bennett from the Navy and Curtis McNeil from the Architect of the Capitol.

Episode 39: Higher Education ERM

Cynthia Vitters
Cynthia Vitters

On this episode we chat with Rob Clark, Chief Compliance Officer at Howard University, and Cynthia Vitters, Managing Director at Deloitte, about ERM in the Higher Education community. We discuss the response to COVID and other risks unique to the university system.

Episode 38: ERM Around the World

Greg Hutchins
Greg Hutchins

On this episode we chat with Jim Kline and Greg Hutchins about government implementations of ERM all around the world! Also, check out their article in the Winter 2020 AGA Journal (AGA members only):

Episode 37: Operationalizing USAID’s Risk Appetite Statement

On this episode we chat with Marcus Howard from USAID to revisit how the agency is operationalizing their Risk Appetite Statement. We also talk about strategy, internal controls, data analytics, risk management tools and adjusting your risk appetite!

Episode 36: AFERM President Ken Fletcher

On this episode we chat with AFERM President, Ken Fletcher, about AFERM’s strategy over the next few years, a recent article regarding the “new normal” after COVID, the upcoming AFERM Virtual Summit and our annual survey! View the AFERM Strategy Map

Episode 35: Value-Based Management

This week Paul and Tal chat with one of the founders of AFERM, Doug Webster, about his new book that covers value-based management concepts. We also talk about the risk management implications of events such as the current COVID pandemic.

Episode 34: Our Favorite Podcasts

Tal Seaman
Tal Seaman

This week Paul and Tal reminisce about their favorite Risk Chats and invite you to provide suggestions for future podcasts! Give us ideas for new podcasts here:

Episode 33: AGA AFERM ERM Workshop Lessons Learned

Sarah Choi
Sarah Choi
Thomas Holland
Thomas Holland

On this Risk Chat we speak with Bert Nuehring, Thomas Holland and Sarah Choi about lessons learned from the 2019 AGA AFERM ERM Workshop. We also preview topics for the 2020 Workshop!

> Download the 2019 Report

Episode 32: ERM at the OCC

This week Paul and Tal chat with Bill Rowe, Chief Risk Officer at the Office of the Comptroller of the Currency. We discuss OCC’s Risk Appetite Statement, how ERM got started at the OCC and how the OCC is integrating risk and strategy.

Episode 31: ERM at the CRA

This week we chat with Brian Philbin and Wendy Saschenbrecker-Tang from the Canada Revenue Agency (CRA) about their ERM program. We pick up some lessons learned, discuss how they got started, how they are organized, successes to date and some efforts they have underway with the OECD and agencies such as the IRS!

Episode 30: PBGC OIG

This week, Paul and Tal chat with the Bob Westbrooks, the Inspector General from the Pension Benefit Guaranty Corporation (PBGC). We discuss the OIG’s approach to its own ERM program as well as efforts made to support the development of ERM at the Corporation.

Episode 29: ERM at DOJ OJP

This week we chat with Lucy Mungle from the Department of Justice’s Office of Justice Programs (OJP). We discuss OJPs ERM journey, starting with grants and moving into all aspects of the organization!

Episode 28: NIST Cyber Security

On this Risk Chat, Paul and Tal chat with Dr. Ron Ross from NIST about upcoming updates to NIST special publications 800-37 and 800-53. We also discuss why cyber security, privacy and the supply chain of technologies are critical areas to examine for an agency’s ERM program.

Episode 27: AFERM Data Analytics Community of Practice (DACoP)

On this episode, Curtis McNeil from the Architect of the Capitol and LaTaiga Proctor from the Census join us to discuss AFERM’s DACoP!

Episode 26: The Costs and Benefits of ERM

On this episode, we chat with Vladimir Antikarov, Regional Director of the Professional Risk Managers’ International Association (PRMIA) for Washington, DC. We discuss how to calculate the costs and benefits of ERM using a real options approach adopted from the finance world. Vlad is the author of the book Real Options, A Practitioner’s Guide and other papers on the application of real options to ERM.
Real Options, A Practitioner's Guide

Episode 25: 10 Years of ERM

Today we speak with Dr. Karen Hardy from the Department of Commerce. Dr. Hardy, one of the pioneers of Federal ERM, provides us a retrospective of how we thought of Federal ERM 10 years ago, how things evolved over the last 10 years, and where we are today! Dr. Hardy is one of the founding members of AFERM and she has published several texts and research papers on Federal ERM.

Episode 24: Strategic Risk

Today, Paul chats with Tom Stanton about Strategic Risk. We discuss how Goldman Sachs utilized strategic risk management to navigate through the financial crisis several years back, lessons learned from the Malaysian Development Bank fiasco and why Federal risk managers should consider strategic risk in decision making.

Episode 23: ERM at the FDA

This week Tal and Paul catch up with Yashika Rahaman from the FDA at the AGA PDT in New Orleans. Yashika was there for a panel and took some time to record a podcast with us to discuss FDA’s ERM program!

Episode 22: AFERM Cybersecurity Community of Interest

Julie Chua
Julie Chua
Tom Brandt
Tom Brandt

Join Paul and Tal as we learn all about AFERM’s Cybersecurity COI from Nahla Ivy, Julie Chua and AFERM’s Past President, Tom Brandt!

Episode 21: AFERM Small Agency Community of Practice

Join Tal and Paul as they speak with Valerie Lubrano about AFERM’s own Small Agency Community of Practice. We discuss the origins, purpose, membership and activities of the group!

Episode 20: National Risk Management

This week we speak with Sim Segal, author of National Risk Management: A Practical ERM Approach for Federal Governments. His paper lays out the benefits of a CRO and ERM program at the national government level — not just in the USA, but for any government around the world. Download the paper and listen to the show!

Episode 19: Risk Appetite at USAID

William Steiger
William Steiger

On this episode, Paul and Tal chat with USAID’s Reggie Mitchell, CFO, and Bill Steiger, Chief of Staff and Acting CRO. We go in depth on USAID’s excellent Risk Appetite Statement. Download the statement and follow along!

Episode 18: ERM at HUD

This week Tal and Paul chat with Larry Koskinen, CRO at HUD. Larry discuses data analytics, HUD’s nationwide risk managers, risk culture and incorporating ERM into strategy, budgeting and performance. Quote of the show: HUD does enterprise risk management, not enterprise list management!

Episode 17: Data Analytics for ERM

Join us as we speak with Bryan Jones, retired from the USPS OIG and current owner of Strategy First Analytics, about utilizing data analytics programs in conjunction with ERM. Bryan speaks about putting together a data analytics strategy, utilizing the tools agencies already have to make incremental progress and the importance of “decision” analytics.

Episode 16: Cybersecurity and ERM at Mecklenburg County

Join us as we speak with Sarah Lyburg, CFO of Mecklenburg County. We discuss a cyber incident that led to a rethink of how the county defended itself against cyber attacks and the importance of an ERM program.

Episode 15: ERM at NASA

This episode we chat with Frank Petersen, Cherisse Aquil and Larry Shaw at NASA about their unique risk culture and how they stood up their ERM program.

Episode 14: ERM at the VA

Join us as we chat with John Basso from the Veteran’s Administration about the VA’s ERM program and how it relates to planning, budgeting, performance, governance, strategy, portfolio analysis and data analytics!

Episode 13: ERM Book – Beyond the Basics

Sean Vineyard
Sean Vineyard
Cynthia Vitters

Today we speak with authors of the new book about Federal ERM entitled Public Sector Enterprise Risk Management: Advancing Beyond the Basics. Join us as we speak with Cynthia Vitters, Sean Vineyard and Ken Fletcher about the book, their chapters and chapters contributed by other authors in our Federal ERM community!

Episode 12: ERM at the HUD OIG

On this episode we check in with Jonelle Pianta, CRO at the HUD OIG, to discuss why the OIG decided to start their own ERM program, the unique challenges an OIG faces, audits of ERM programs and why your agency’s OIG may want to consider setting up its own ERM program. Thanks to AGA this week for the use of the AGA podcast studio!

Episode 11: GAO’s High-Risk List

Join us as we chat with Don Kettl, author of Managing Risk, Improving Results: Lessons for Improving Government Management from GAO’s High-Risk List. We discuss the history of the list, root causes and “root solutions,” strategies to stay off the list, and how this is all relevant to your ERM efforts!
> Read the report

Episode 10: ERM at King County

On this episode, we chat with Jennifer Hills from King County’s ERM program. Learn about the innovative approach King County has implemented to take calculated risks for the benefit of the government’s mission! This episode provides a great example of ERM implemented at the state and local level.

Episode 9: ERM at Ginnie Mae

This episode, Paul and Tal speak with Jason Leecost at Ginnie Mae about their ERM program, including risk profiles, risk taxonomy and a unique approach to risk appetite.

Episode 8: ERM at CNCS

On this episode we speak with Lori Giblin, Chief Risk Officer at the Corporation for National and Community Service, about their ERM and internal controls programs.

Episode 7: ERM at USDA RD

Today we speak with Jacki Ponti-Lazaruk, Chief Risk Officer at USDA Rural Development. The focus of the podcast is the importance of communication to a successful ERM program.

Episode 6: ERM at NIH

This week Paul chats with Meredith Stein from the NIH. They discuss NIH’s Risk Champions, how they put together their risk profile, education and training, and many more topics!

Episode 5: ERM at PBGC

On this episode, Paul chats with Nicole Puri, Risk Management Officer at the Pension Benefit Guaranty Corporation, about the importance of an independent role for a CRO, how to demonstrate the value of ERM to agency stakeholders and the interaction between the CRO and Inspector General.

Episode 4: ERM at the U.S. Coast Guard

Today Paul and Tal chat with the Deputy CFO and CRO of the Coast Guard, Craig Bennett. We talk about Black Swans and how the Coast Guard prioritizes its mission and mission support risks.

Episode 3: RIMS-CRMP-Fed Micro-Credential

On this episode, we talk to Todd Grams and Cynthia Vitters about the RIMS-CRMP-Fed Micro-Credential. What is it? What are the benefits of obtaining it? Is there a prep course? Learn all this and more, then use these links for registration & study materials:

Episode 2: ERM at HUD Public and Indian Housing

On this episode, we speak with Wendell Conner from HUD PIH about the journey to gain acceptance of the ERM program, the importance of incorporating operational risks into the register (especially gaining stakeholder buy-in!) and how ERM can add real value to an organization.

Episode 1: ERM at the IRS

On our inaugural episode, we chat with the IRS’ Chief Risk Officer, Tom Brandt. We discuss one of the most mature ERM programs in the Federal government, establishing the credibility of the program amongst senior leadership, gaining buy-in and some of the IRS’ unique risk and challenges.