Notice ID: EAC2400001
The Compliance & Oversight Group (COG) is seeking sources capable of meeting and supporting FCC’s Enterprise Risk Management (ERM) vision. An automated ERM solution will provide a robust workspace and repository to track, monitor, and test internal controls, facilitate assessments and audits, and manage risks while providing real time updates through its reporting platform. We seek information from vendors who can provide automation platform/software, enabling FCC to accomplish its mission, through readily available, integrated, reliable and useful risk information, for day-day decision-making.
One or multiple vendors could be used to meet these needs, and vendors are encouraged to respond to the RFI even if they can meet only a subset of the vision/need.
FCC is looking for the vendor to provide information regarding their ERM automation platform/software capability that supports one or more of the following:
- Integration of different data elements (simplified ingestion and information dissemination) through the tool. For example, internal control, risk, audits, strategy, performance, budget, emerging risks, improper payment risks and actual improper payments, fraud risks and actual fraud information, privacy risks, cybersecurity risks, IG’s list of management and performance challenges, voice of employee survey, customer complaints, media reports regarding agency program risks, overlap of agency risks with rest of federal government (GAO’s high-risk list, CIGIE’s top management & performance challenges).
- Manage the risks at the program level and utilize the dashboard for everyday decision making at different levels of management with aggregation of relevant data for effective decision making.
- Elevate the risks up the chain (e.g., significant risk or accepted risk), and handling its associated workflow.
- Capability for Bureau/Office (B/O) and ERM team to manage/administer all risk assessments (fraud; improper payment; entity; other future risk assessments); Capability to auto‐flag the risks that exceed the risk appetite, and push notifications that meet a certain criterion.
- Capability for B/Os to provide their annual internal control ratings across the agency’s performance goals, initially as draft submission and then as final submission.
- Capability for B/Os to provide (and ideally certify) their assertion letter regarding internal controls and risks through the tool.
- Track action items pertaining to any internal control, risk or audit area in a crossfunctional manner.
- Task assignments, and multi‐level review capabilities …
Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.