The U. S. General Services Administration (GSA) is continuously looking for new ways to deliver on its mission to provide value and savings in real estate, acquisition, technology, and other mission-support services across the Government. Using a cross-enterprise perspective, GSA identifies the most complex and interconnected risks to mission execution. This collaborative process empowers agency leaders to strategically allocate resources, allowing the agency to stay ahead of emerging risks.
The COVID-19 pandemic fundamentally altered the global risk landscape and presented GSA with unprecedented challenges. In the midst of a global economic downturn, extensive disruptions to supply chains and travel, and a massive shift to virtual work, GSA senior leaders deftly adapted and responded to these novel organizational risks. With a new sense of its resilience, GSA is committed to building a stronger and more responsive agency and will continue to strengthen its approach to identifying and managing its enterprise risks.
Implementing risk management principles across all functions and programs strengthens GSA’s ability to sustain its services in the midst of uncertainty and organizational risks. GSA administered its annual GSA Risk Survey to identify risks to the agency’s most critical activities. This survey captured risks that were magnified by the COVID-19 pandemic while also providing senior executives a snapshot of trends that predated this new risk landscape. The resulting feedback and underlying dataset helped refine GSA’s Enterprise Risk Profile and identify opportunities for improvement. Using data analytics, GSA will continue to review key risk data to prioritize actions on cross-cutting challenges. Focus areas for FY 2021 enterprise risk management efforts include:
- Cybersecurity - Cybersecurity is one of the most critical aspects of GSA’s Information Technology (IT) program. Cyber attacks and security vulnerabilities have the potential to bring down mission-critical systems and IT infrastructure. To mitigate these threats, GSA is focusing beyond compliance on operational security and identifying and managing capability gaps. Continuous monitoring and review are in place to protect GSA’s systems from hackers and other cyber attacks.
- Human Capital - GSA consistently ranks as one of the top 10 best places to work among midsize Federal agencies and the GSA human capital organization ranks 2 out of 24 agencies surveyed in the Customer Satisfaction Survey. The technical nature of GSA’s work offers unique challenges to recruiting, developing, and retaining top talent. Based on analysis of the human capital risks identified in the 2020 Enterprise Risk Survey, GSA will continue to seek innovative solutions to develop and grow its workforce while identifying opportunities for performance and process improvement across the enterprise.
- Legacy Database Technologies - Reliance on proprietary legacy technologies adversely affects operational flexibility and increases costs for GSA. To reduce the negative effects, GSA is leveraging the Technology Modernization Fund to support a multi-year transformation effort. GSA is shifting from proprietary to open source databases, which will simplify integrations with other systems. This will help applications achieve greater flexibility in their system architecture while improving resilience, scalability, maintainability, and performance.
- Federal Building Fund (FBF) - GSA collects market rents from tenant customer agencies that are deposited into the FBF. GSA uses these funds to operate, maintain, and invest in its real property inventory. However, GSA is dependent upon Congressional approval for annual appropriations and authorizations. GSA’s inability to spend at the level of rent collection impedes GSA’s ability to allocate resources for critical repairs and improvements across its real estate portfolio, which leads to further deterioration of aging Federal assets. The result is avoidable increased costs due to delayed repairs and missed opportunities to consolidate space. Ensuring full access to the FBF allows GSA to effectively plan for investments in its owned portfolio, supports efforts to decrease the overall size of the leased portfolio, and generates significant savings over the long term.
- Supply Chain Risk Management (SCRM) - GSA, like other Federal agencies, works with a range of suppliers to execute its mission. Over the past decade, Federal guidance and regulation have evolved to prioritize supply chain risk management in line with the increasing threat of exploitation of the Nation’s supply chain. This includes guidance such as Section 889 of the 2019 National Defense Authorization Act, which went into full effect this August. GSA’s senior executives highlighted in the FY 2020 GSA Risk Survey a strong potential for supply chain disruptions as a result of the COVID-19 pandemic and have worked with partners to mitigate the effect of those disruptions on mission execution. GSA will continue to build out its SCRM capabilities, to include a SCRM Executive Board to both improve capabilities and practices across GSA, as well as continually identify, monitor, and manage future supply chain risks.
Each of the risks described above, if not effectively managed, has the potential to disrupt GSA’s ability to meet its objectives and execute its mission. Engaged leadership and an increased willingness to work across business units to manage risk promotes transparency and helps develop a proactive risk and opportunity culture. By identifying an accountable executive for each risk, who has the responsibility for tracking implementation of mitigation plans and strategies, GSA promotes accountability. Ensuring that critical risks are monitored by leveraging qualitative and quantitative information allows GSA to effectively align investments to mitigate key risks and strengthen operations, ultimately maximizing value to customer agencies and taxpayers.