A large NSW Government client requested that we evaluate the maturity of the Enterprise Risk Management (ERM) frameworks operating across 27 distinct agencies within their portfolio.
The project utilised a diagnostic maturity model to assess the degree to which ERM had been successfully implemented in each agency. The second phase of the project was then to accelerate the implementation of ERM in a number of smaller agencies where it was not yet mature.
The engagement required the deployment of a bespoke ERM ‘diagnostic tool’ (which we developed) as a maturity assessment model. This diagnostic tool was based on various requirements under ISO 31000, NSW Treasury requirements and our own ‘best practice’ benchmarks. The tool was constructed and pre-approved by the Ministry before deployment across the various agencies. The project then included:
The review highlighted areas where ERM implementation was deficient across the agencies, and resulted in many recommendations for improvements being made both at the specific agency and whole-of-portfolio levels. Many of the recommendations for improvement to the way ERM is designed and implemented were incorporated into a new Policy Directive issued by the central agancy. For four smaller agencies where their ERM framework was not mature at all, we subsequently assisted them in developing and implementing an improved risk management framework including initial Risk Registers.