a. Conduct a current-state assessment of the County’s existing risk management practices, resources, and organizational readiness. b. Facilitate workshops and/or interviews with County leadership, department heads, and key stakeholders to identify, assess, and prioritize enterprise-level risks. c. Design an ERM framework aligned with public-sector best practices and in accordance with ISO 31000 and tailored to the County’s governance structure and risk profile. d. Assist in the development of a risk appetite statement, enterprise risk register, and risk taxonomy. e. Recommend ERM governance structures, roles, responsibilities, and reporting protocols. f. Provide templates, tools, and guidance for risk documentation, assessment, continuous process improvement, and monitoring. g. Deliver training and knowledge transfer sessions to County staff to build internal capacity and promote a risk-aware culture. h. Propose strategies for integrating ERM into strategic planning, budgeting, and performance management processes.
