Products

• BCL
• BEA
• DBSAE Programs
• Enterprise Standards
• ERAM
• ETP
• IMIE
• IRB
• LRP
• Report on Defense Business Operations
• SFIS
• SFIS Resources
• SFIS Library
• SFIS XML
• Training

Enterprise Risk Assessment Methodology (ERAM)

In 2006, most of Department of Defense’s (DoD) large information technology programs were over cost and behind schedule. The Deputy Secretary of Defense directed the Department to implement ERAM for its largest business Major Automated Information Systems (MAIS) and Major Defense Acquisition Programs (MDAP).

ERAM is a proactive and independent risk assessment process that is currently being used to reduce systemic risk and support informed decision making.  It focuses on delivering business capabilities rapidly, at a reduced cost, by identifying program vulnerabilities and assisting in developing mitigation solutions.

ERAM addresses risks across seven dimensions:  scope, people, strategy, technology, contracting, process and external factors.  It provides valuable information to senior executives who need insight into program risks prior to making major acquisition or investment decisions and is a critical component of Business Capability Lifecycle (BCL) — the complete lifecycle framework for business capabilities.  BCL reengineers major DoD processes to provide better governance and decision support to enable faster delivery of business capabilities.

Process

ERAMs are generally performed on business MAIS and MDAPs prior to major acquisition decisions.  However, programs may also request an ERAM assessment for reasons other than acquisition-related decisions.  Assessments are performed by matrixed teams of functional and technical experts led by representatives from the Acquisition Resources and Analysis Directorate within the Office of the Under Secretary of Defense, Acquisition, Technology and Logistics, and supported by BTA.

ERAM findings and mitigation plans are provided to the Milestone Decision Authority (MDA) and the appropriate functional Investment Review Board (IRB).  The IRB acts as an adviser to the MDA and certifies to the Defense Business Systems Committee (DBSMC) business system modernizations over $1 million as compliant to the Business Enterprise Architecture (BEA).  BEA compliance is required before funds may be obligated.

Results to Date

ERAMs have been conducted on more than ten programs across the military services and DoD agencies.  An analysis of ERAM risks reveals that many program risks are external and beyond the control of the Program Manager.  Mitigating external risks often requires senior executive engagement. 

ERAM Support is provided by the Enterprise Planning & Investment Directorate of the Business Transformation Agency.

BTA Enterprise Planning and Investment Director Talks Risk

Information technology experts from across government and private industry gathered in Williamsburg, Va., to discuss optimizing the enterprise through risk management. Full Article

EP&I Director, Other Leaders Challenge Status Quo at NDIA Summit

Paul Ketrick and others challenged current Department of Defense Information System (IS) acquisition and implementation practices at the National Defense Industrial Association IS Summit. Full Article

BTA's ERAM Team Supports the Curriculum for IRMC

The Business Transformation Agency's (BTA) proactive role in risk identification and mitigation was recently recognized by students of the Information Resources Management College (IRMC). Full Article