Improve Audit Readiness and Affordability with Risk Management Framework

Guidehouse Risk Management Framework to Mitigate Risk and Improve Compliance

Challenge

Based on a series of initial discovery assessments of a federal agency command control center, the command center lacked standard business processes and related documentation, compliance with systems requirement, and clear roles of responsibilities for audit and audit remediation. The command center required support to address a variety of financial deficiencies and built the command center’s cybersecurity program.

 

Solution

Guidehouse made targeted recommendation for governance structures, developed an audit readiness maturity model for the command center self-assessment of accountability and audit. Our team led three of the focus areas targeting Information Systems and Command Cybersecurity Programs. The team also evaluated the compliance and status of requirements implementation to initiate transition of seven financially relevant systems into the Risk Management Framework (RMF) process. Furthermore, the team led workshops to create process documentation for key segments of the business operations to support audit requests, performed controls gap analysis, and built artifacts for an internal control library based on process standardization effort and other observations. Guidehouse team developed a tool and deployed it to five of the seven systems to map RMF requirements to the Financial Management Overlay and incorporate into the RMF process. In addition, the team developed an access conflict matrix and guided the command center through adjustments by removing conflicting roles and streamlining processes to support appropriate access and roles.

 

Impact

  • Increased organic capabilities of the command center to successfully undergo an audit of financial and information systems operation.
  • Enabled seamless transition of relevant systems into the agency’s Risk Mitigation Framework (RMF).
  • Improved operation efficiency by removing conflicting roles and streamline processes.

About the Experts

Back to top