USPTO has issued an RFI to leverage industry best practices to execute an ERM Program at USPTO. This ERM program will complement and integrate with the USPTO’s existing financial and IT-related risk management review functions (A-123). The USPTO is seeking a solution that will address the ongoing ERM requirements from OMB, including annual risk assessments and risk profile development. In addition to ongoing ERM compliance activities, the USPTO is seeking a solution to conduct financial and non-financial control reviews as part of the ERM program’s effort to analyze and mitigate high-priority as well as new and emerging risks. The USPTO’s ERM program must, at a minimum, follow existing Federal guidelines for risk management such as the Government Accountability Office Green Book, Office of Management and Budget Circulars, and Department of Commerce guidance. We are seeking a small team to join us full-time onsite to conduct enterprise-wide as well as business unit-specific risk assessments, financial and non-financial control reviews and mitigation action plans.
There are specific elements that the USPTO expects from an ongoing ERM program. The USPTO is looking to industry to support key activities of the ERM program. As such, the contractor shall:
- Develop and provide policy, plans, tools, techniques and processes that support and ensure ERM integration and sustainment within all functional areas of the USPTO.
- Develop and provide guidance and oversight of all matters pertaining to the formulation, review and execution of policies, plans, tools and techniques relative to ERM necessary to support USPTO-wide integration and sustainment of an ERM Program.
- Conduct periodic risk assessments for both the enterprise as well as individual business units and…”