(The duties described reflect the full performance level of this position)
The Risk Management Analyst, reporting to OJP's Director of the Office of Audit, Assessment, and Management (OAAM), serves as a key lead in the development of an Enterprise Risk Management (ERM) program, responsible for establishing tools, practices, and policies to analyze and report enterprise risks, and to manage risks according to an enterprise risk management framework. Responsibilities include identifying, evaluating, mitigating, and monitoring risks associated with the agency's operational, strategic, programmatic, and financial activities across the agency at the enterprise, program, and grantee level, and reporting on and recommending policies and standards necessary to effectively manage and address identified risks to the Director of OAAM. This entails identification of risks throughout the organization, developing reporting and monitoring formats on risk management issues, and developing risk management policies and strategies consistent with applicable guidelines and strategic imperatives of the organization.
In carrying out the design and maintenance of an Enterprise Risk Management program, develops methodologies and approaches for the identification and assessment of risks throughout the organization. This entails establishing key risk indicators; examining the agency's operational, strategic, programmatic, and financial activities to identify risk; evaluating the effectiveness of the agency internal control framework in addressing risks; recommending corrective actions to mitigate and address risks; and performing risk monitoring and reporting, such as developing risk scorecards and identifying significant trends and issues.
Researches and prepares written analyses and reports regarding significant risks, risk mitigation strategies, and impact on agency policies, programs, and functions. Presents findings and recommendations on complex issues to a variety of audiences and stakeholders.
Provides expert advice and guidance to agency officials on enterprise risk management matters and policies pertaining to risks and mitigation strategies which impact substantive, mission oriented programs and functions.
Makes major recommendations and determinations on policy formulation and short- and long term planning in connection with prospective changes in functions and programs and significant internal and external program and policy issues affecting the overall organization.
Provides expert advice and guidance on broad projects and programs with national impact. Guidance requires extensive interpretation for many different and unrelated program processes and methods, such as interpretations of existing regulations and advice on revisions to existing policies and programs to meet requirements. Guides risk owners to adhere to agency's risk management policies pertaining to risks and controls. Leads development of policies, procedures, and makes recommendations for control assessments in response to identified enterprise risks. Recommends long-range program plans, goals, objectives, and milestones, which serve as the basis for substantive changes in the organization and administration of programs affecting large numbers of people.3