Professional Documents
Culture Documents
Risk and Management
Risk and Management
Risk can be defined as the combination of the probability of an event and its
consequences. In all types of undertaking, there is the potential for events and
consequences that constitute opportunities for benefit (upside) or threats to success
(downside).
Risk Management is increasingly recognized as being concerned with both positive
and negative aspects of risk. Therefore this standard considers risk from both
perspectives. In the safety field, it is generally recognized that consequences are
only negative and therefore the management of safety risk is focused on prevention
and mitigation of harm.
Risk is anything that can derail your nonprofit from accomplishing its mission. Risk
management is a discipline for identifying risks, assessing how serious or severe the
risks are, and determining ways to address that uncertain future with a goal of
avoiding or minimizing harm and financial losses. Risk management focuses on those
events or occurrences that may cause injury or harm to a nonprofits clients, its
assets (including employees and volunteers) and its reputation.
Risk and Risk Management
Risk-uncertainty of the outcome
Risk can bring unexpected gains. It can also cause unforeseen losses, even
catastrophes. Risks are common and inherent in the financial markets and
commodity markets: asset risk (stocks...), interest rate risk, foreign exchange risk,
credit risk, commodity risk and so on. There are two totally different attitudes toward
risks:
1.
Risk aversion: quantify an identified risk and control it, i.e., to devise a plan to
manage the exposed risk and convert it into a desired form. Basically, two
kinds of plans are available: a. Replace the uncertainty with a certainty to avoid
the risk of adverse outcomes even if this requires giving up the potential
gaining opportunity. Be willing to pay a certain price for the potential gaining
opportunity, while avoiding the risk of adverse outcomes.
Risk seeking: willing to take the risk with one's money, in hope of reaping risk
2.
profits from investments in risky assets out of their frequent price changes.
Acting in hope of reaping risk profits from the market price changes is called
speculation.
The most common risks facing nonprofits:
The frequency of a particular risk will depend on what activities your nonprofit is
engaged in. Youth-serving organizations and those serving vulnerable persons are
always concerned about the safety of their clients in the hands of volunteers or staff
who provide services. Yet, the most common risk for those organizations may be
related to the fact that the clients are being transported every day in vans, exposing
them and the driver to a possible motor vehicle accident. A serious risk that every
nonprofit faces is the risk that its reputation or good will in the community could be
eroded by any number of circumstances, from a surly receptionist to financial
improprieties. Each nonprofit needs to conduct an assessment of its activities to
determine what its own most common risks may be. Statistically, if your nonprofit
has any employees, it is probable that at some point the organization will be faced
with an employment-related claim. Common claims in the property and casualty area
include slips, trips and falls and motor vehicle accidents.
Sorts of events which cause us to lose our tax-exempt status:
Your organizations articles of incorporation probably mirror the IRS regulations under
Code Section by providing a fairly specific checklist of what to avoid:
(i)
(ii)
(iii)
(iv)
Many times the first enforcement step is for the IRS to impose penalties, called
intermediate sanctions against the nonprofit, the person who received the
excess benefit and board members who approved the nonprofits actions.
However, in egregious situations the IRS will move directly to revoke an
Running a commercial activity through the nonprofit that has no relation to the
mission and/or that takes up more than an insubstantial amount of time,
energy and resources, so that it overshadows the charitable activities of the
organization.
Risk Management
Note that if probability is high, and impact is low, it is a Medium risk. On the other
hand if impact is high, and probability low, it is High priority. A remote chance of a
catastrophe warrants more attention than a high chance of a hiccup.
Risk Response
There are four things you can do about a risk. The strategies are:
Avoid the risk. Do something to remove it. Use another supplier for example.
Transfer the risk. Make someone else responsible. Perhaps a Vendor can be
made responsible for a particularly risky part of the project.
Mitigate the risk. Take actions to lessen the impact or chance of the risk
occurring. If the risk relates to availability of resources, draw up an agreement
and get sign-off for the resource to be available.
Accept the risk. The risk might be so small the effort to do anything is not
worthwhile.
A risk response plan should include the strategy and action items to address the
strategy. The actions should include what needs to be done, who is doing it, and
when it should be completed.
Risk Control
The final step is to continually monitor risks to identify any change in the status, or if
they turn into an issue. It is best to hold regular risk reviews to identify actions
outstanding, risk probability and impact, remove risks that have passed, and identify
new risks.