Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Assess the underwriting process to evaluate whether an independent review or other controls would be appropriate to ensure independence of the risk management function from underwriting for transactions that exceed the threshold for delegated authority....
Complete development of and implement its enterprise risk management (ERM) training policy, including training to EXIM’s enterprise risk committee (ERC) members.
Strengthen EXIM’s internal controls review program by expanding it to apply to all operational processes. Once the internal controls review program is developed, EXIM should communicate it to all business units for awareness and implement it agency-wide.
Determine whether EXIM can incorporate information for root cause events and intermediate events to measure and monitor as key risk indicators (KRIs).
Update its KRIs so that they are forward-looking and measurable through specific metrics and determine specific thresholds for KRIs above which EXIM would assess the need for further analysis or action.