- "Avoid
a Wipeout: Risk Management for NPOs "
- Presenter:
Wes Doak, CFRE/CPM/MLIS
- Event:
Academy of Fundraising 2003
- Event
Sponsor: Capitol Chapter, Association of Fundraising Professionals
[AFP]
- No
endorsement of any link or service or product on this page is
intended by Mouse Magic!,
- Access
Sacramento, the Nonprofit Resource Center, AFP nor the website
authors. Last updated 02June03
-
- A quick comment on
where risk management plans fit into the overall
nonprofit/nongovernmental organization planning grid. The most
common cascading, or timing, of plans looks like this:
-
- Strategic
Plan
- Development
Plan
- Technology
Plan
- Risk Management
Plan
- While I agree about
the sequencing of the first three, I suggest that risk management
be part of all those plans rather than a fourth tier plan. More
thoughts, and/or discussion during our session.
Return to the
top of this page
A.
Definition(s) of Risk Management for NPOs
- "Risk Management is
the systematic process of identifying, analysing and responding to
project risk. It includes maximising the probability and
consequences of positive events and minimising the probability and
consequences of events adverse to project objectives. it includes
the processes of risk management planning, risk identification,
qualitative risk analysis, quantitative risk analysis, risk
response planning and risk monitoring & control". PMI
PMBOK 2000
- "...any uncertainty about a future
event that threatens your organzation's ability to accomplish its
mission." [People/Property/Income/Goodwill] Alliance
for Nonprofit Management FAQ document.
- "The possible deviation from what
you expect to occur" California...
- "A process that includes the four
functions of planning, organizing, leading, and controlling
business losses on that organization at reasonable cost." Dr.
George Head, Insurance Institute of America
- "Pondering 'What If...' Limiting
Risks to your Agency, Staff, Clients & Volunteers" Texas
Association of Nonprofit Organizations.
- "Its mission is to help nonprofit
organizations in Japan become aware of, and manage risk inherent
with their organizations so that these organizations can achieve
their mission to make our society better" Risk Management
Office for Japanese Nonprofits.
- Risk management is a discipline for
dealing with the possibility that some future event will cause
harm" Nonprofit Risk Management Center.
- "...the measure of the possibility
that the future may be surprisingly different from what we expect"
Nonprofits' Insurance Alliance of California.
- "Risk management is attempting to
identify and then manage threats that could severely impact or
bring down the organization. Generally, this involves reviewing
operations of the organization, identifying potential threats to
the organization and the likelihood of their occurrence, and then
taking appropriate actions to address the most likely threats."
Management Assistance Programs for Nonprofits.
- Return to
the top of this page
B.
Risk (management program) elements
(traditional)
- Identification
- Measurement
- Assessment
- Evaluation
- Transfer or ?
- Finance
- In the Texas "Nonprofit Legal
Toolkit" the following sequence was outlined:
-
- (First) evaluate risks then address
each risk by:
- Avoidance of the activity, (Rent
rather than buy)
- Modification of the risk, or
(Use expert advice)
- Transfer of the risk to another
entitity." (Insurance)
The Alliance for
Nonprofit Management lists seven steps:
- Establish the purpose
of the RM program
- Assign responsiblity
for the RM program
- Acknowledge and
identify risk(s)
- Evaluate and
prioritize risk(s)
- Decide how to manage
your risk(s):
- Avoidance
- Modification
- Retention
- Sharing
- Risk
transfer
- Implement your RM
plan
- Review and revise the
RM as needed
- Still another way of looking at the
big picture was developed by the Colorado Chapter of the Public
Risk Management Association. In their publication "Benchmarking,
Best Practices, and Performance Measurements for Public Entity
Risk Management...Guidelines" November 1999 [not
copyrighted]. They broke down the risk elements into the
following categories:
-
- Property Exposures
- Workers'
Compensation
- (Vehicle) Liability
- Public Officials'
Liability
- General Liability
- Law Enforcement
- General Safety
- Risk Management
Administration
- Environmental Health,
and
- Emergency Management
Below you will find a grid I hope you
find useful when reviewing the risks facing your organization. We'll
use it as we review the "What Can Go Wrong" and "Topics of Interest"
sections of this exercise. We will discuss its use during our
session.
|
High
Impact
|
Medium
|
High
|
Very
High
|
|
Medium
Impact
|
Low
|
Medium
|
High
|
|
Low
Impact
|
Very
Low
|
Low
|
Medium
|
|
|
Low
Possibility
|
Medium
Possiblity
|
High
Possibility
|
(c) 2003 Mouse Magic;
Advanced Resources & Technologies
Return to the
top of this page
C.
What can go wrong?
- Reputation [SEE
Allianceonline
FAQs on risk management in
the nonprofit sector, pp 1&3]
- Ability to hire good
employees
- Ability to attract good
volunteers
- Status in community at
large
- Ability to contribute to
planning, law, administrative rules, et al
- Resources
- People
- Board
- Employees
- Donors
- The public at
large
- Property
- Buildings
- Vehicles
- Grounds
- Intellectual
property
- Equipment
- Office
- Technology
- Medical/scientific/etc.
- Income
- Contacts
- Contributions
- Grants
- Sales
- In-kind
contributions
Return to the
top of this page
D.
Topics of interest for NPOs (cardinal not ordinal)
- Collaboration risks. SEE
Wilder Foundation publications.
- Confirm
compatibility
- Understand
motivations
- Conduct due
diligence
- Interpret the
message
- Clarify expectations
- Put it in writing (policies and
procedures)
- Controls; internal and
otherwise
- Span of control
- Delineate roles
- Prudent reserves (not just
$$$)
- Coping with cutbacks/financial
uncertainty. This outline, with just one or two detailed
lists, is taken from a free Wilder Foundation website listing 185
cutback strategies. I encourage you to check out the
site,
read the more detailed lists then contribute your own ideas. The
caveat mentioned on the website is "Just because we've listed a
strategy, don't think we endorse it. In fact, we dislike some, and
some may conflict with your mission, values, or human resource
policies." Ditto! SEE ALSO "Weathering funding reductions..."
in bibliography below.
- Financial Strategies: Cut or
control costs
- Analyze
purchasing
- Adjust payables
- Consolidate or restructure
debt
- Negotiate delayed or
reduced payments
- Barter for needed
services
- Evaluate facilities and
infrastructure
- Modify staffing and related
costs
- Reduce services
- Financial Strategies: Increase
revenues
- Manage money
differently
- Increase fees
- Initiate or accelerate
fund-raising
- Expand or add
services
- Increase
productivity
- Structural Strategies
- Modify the
mission
- Modify the organization's
structure
- Modify the organization's
culture
- Engagement Strategies
- Engage other
nonprofits
- Engage the
community
- Engage the business
community
- Engage the public/government
sector
- Disaster recovery
- Civil strife
- Terrorism
- Natural disaster
- Physical plant
- SEE ALSO technology
issues
- Events: social and
special
|
Initiate
|
Plan
|
Execute
|
Evaluate
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Financial issues
- Chart Of Accounts
[COA]
- Government
regulations
- GAAP
- Fund accounting
- Prudent reserves
- Human resources management
(consistent employment practices)
- Hiring/Firing
- "...employment-related
allegations account for more than 75% of NPO
claims"
- "...wrongful termination
represents 60% of claims...sexual harassment and
discrimination are the next leading causes of employment
practices claims."
- Disabilities
- Volunteers
- Board
- Accountability
- Discontent
- Orientation and
training
- Consultants/Contracts
- Conflict management
- Vehicle records for all
employees and volunteers driving on the NPO's
behalf
- Legal issues, not covered
elsewhere in this document
- Copyright
(Library of Congress)
- Fair
Use (Stanford
Universisty)
- Filters
on the Internet (InfoPeople)
- Appropriate use policies (obtain
from a good public library website)
- Technology
- PCs
- Networks PAN/LAN/MAN/WAN/still
others!
- Data
- Passwords
- Backups
- Virus protection
software
- Disc utility
software
- UPS NOT surge
protectors!
- Firewalls
- Turn them on and use
them....
- Theft; insider and
otherwise
- Why?
- Greed
- Financial loss
- Revenge
- Thrill seeking
- How?
- Fictitious vendors or
consultants or staffers
- Check theft
- Credit card fraud
- Cash theft
- Indentify theft
- Prevention
- Protect against "how"
above
- Cost
- "...fraud accounts for
two-thirds of all crime." "...workplace crime...$300M in
1966...."
- Injuries to Clients,
Employees, Volunteers and the Public
- Scope changes/"Scope
Creep"
- Fraud (basically organized
theft)
- Return to
the top of this page
E.
Insurance coverage.
Purchasing insurance is not synonymous with risk management. Many
risks are not insurable such as goodwill, financial support, loss of
tax exempt status and some theft.
Budget enough money to buy good
insurance, then be sure everyone knows the limits of
insurance.
Return
to the top of this page
F.
Resources for further investigation/exploration....
- No
endorsement of any link or service or product on this page is
intended by Mouse Magic!,
- Access
Sacramento, the Nonprofit Resource Center, AFP nor the website
authors. Last updated 2June2003
- Books/publishers: (be sure to check
out Amazon
and/or Barnes
& Noble!)
- Journals/magazines:
- Organizations:(don't forget to use
Google
or Alltheweb
to search for your own items!)
- Websites: (don't forget to use
Google
or Alltheweb
to search for your own items!)
-
Return to the
top of this page
- Return
to the Mouse Magic! Training page
(c) Wes Doak, Mouse Magic!
2002/2003/2004
