What's "Risk Management"?

What's "Risk Management"?
Risk management is attempting to identify and then manage threats that could severely impact or bring down the organization. Generally, this involves reviewing operations of the organization, identifying potential threats to the organization and the likelihood of their occurrence, and then taking appropriate actions to address the most likely threats.

Traditionally, risk management was thought of as mostly a matter of getting the right insurance. Insurance coverage usually came in rather standard packages, so people tended to not take risk management seriously. However, this impression of risk management has changed dramatically. With the recent increase in rules and regulations, employee-related lawsuits and reliance on key resources, risk management is becoming a management practice that is every bit as important as financial or facilities management.

There are several basic activities which a nonprofit organization can conduct to dramatically reduce its chances of experiencing a catastrophic event that ruins or severely impairs the organization.

Conducting a Risk Management Assessment
Organizations should regularly undertake comprehensive, focused assessment of potential risks to the organization. This focused assessment should occur at least twice a year by a team of staff members representing all the major functions of the organization. The assessment should be carefully planned, documented and methodically carried out.

The most common risks are typically of the types listed below. Comprehensive checklists help a great deal to quickly review a wide range of organizational aspects. Other aspects require more careful review.

Checklists in the following sections cover almost 140 considerations to ensure a well run and highly protected organization.