Note: the following are excerpts from the extensive FOCA Risk Management Manual, which is available in its entirety (244 pages) to Members only.
Risk around us in everything we do.
Volunteers, employees and directors of organizations must always be mindful of risks – this means examining situations cautiously and thinking ahead to the potential consequences of decisions and actions. It is a good idea for nonprofits, regardless of their size, to look at risk management more systematically.
The process of risk management can be simplified to these five steps:
- looking at a situation and asking what can go wrong and what harm could result
- prioritizing your risks and determine key risks
- identifying practical measures that can be taken to keep key risks in check (and to minimize harm or damage if the risk does occur)
- communicating these to your people (important risk management steps need to be communicated several times in several ways including in writing)
- starting and then monitoring these actions over time to make improvements
Practical measures that can be taken to manage risks fall into four categories:
- assume the risk (decide that the risk is minor and do nothing)
- reduce the risk (find ways to change people’s behaviour or the environment in which people work so that the degree of risk is reduced)
- eliminate the risk (choose not to do something) and
- transfer the risk (accept the risk but transfer the liability associated with it to someone else through a written contract)
Every organization will face different risks and will plan and implement different measures to deal with these risks.
The measures that are taken to manage risks are usually those that would be taken by any other prudent and reasonable person having the same skills, knowledge and experience as ourselves. This is why the practice of risk management is based in large part on common sense and is linked to the concept of “standard of care.”
These measures will tend to revolve around:
For more information, or to get started on your association’s own risk management process, consult the FOCA Risk Management Manual (members only).