Standards Australia has been quite active in
its delivery of resources to the nonprofit sector, regarding the management and
communication of risk. 2010 saw the release of HB 266:2010 entitled “Guide for
managing risk in not-for-profit organizations”. This was supported by HB
327:2010 entitled “Communicating and consulting about risk”. Both publications
came off the back of AS/NZS ISO 3100:2009 entitled “Risk management -
Principles and guidelines”.
Together, these publications focused on the
core application areas of risk management, namely the principles for managing
risks, the framework within which these operated, and the process that
underpinned them. Communication was recognised as the key to successfully
implementing a risk aware culture within the organisation, as part of the
delivery of an effective risk management framework.
The message in these pronouncements is quite
clear. There are a broad range of risk principles that your organisation needs
to consider in order for risk to be understood in the broadest possible way.
These principles need to be contextualised within a consolidated framework that
must be well considered, well developed, and well understood. In order for such
a framework to be effective, it must be supported by a process that caters for
the identification, assessment, and treatment of risk. Additionally, this
process must be supported by an effective and consistent communication
methodology. Finally, and a very important point to consider when deciding on
how to approach the design and implementation of a Risk Management Framework,
is its workability. In other words, failure will be determined, in part, by the
way staff within your organisation view the Framework and how they work with it
and within it. Three key rules that I always say are a prerequisite for success
in this area are:
- SEAMLESNESS - The processes surrounding the Framework must be seamless. Staff must see it as merely another part of their day-to-day activities, rather than seen as yet ‘something else that needs to be done’;
- TRANSPARENCY - The Framework must support transparency. Information captured within it must be largely available to all staff. The only caveat here may relate to a range of strategic risks, and
- COMMUNICATION – Internal communications supporting the workings of the Framework must be effective and timely, ensuring confidence in the processes is maximised
This integrated approach to risk management
should be the focus for your nonprofit when considering and assessing risk. In
the context of nonprofit organisations, a wide range of risk categories combine
to form an overall picture of the risk environment within which nonprofits
operate. These can best be summarised in the following manner:
- Asset risk – which relates to the ongoing management and maintenance of the organisation’s physical assets including buildings and equipment used by employees, volunteers, contractors, and clients;
- Compliance risk – which relates to the external regulatory framework that the organisation operates within as well as the internal policies and procedures that are in place to govern behaviours of its internal stakeholders;
- Environment risk – which relates to the management and sustainability of the built and natural environment that the organisation works within, and, from which services are delivered;
- Financial risk – which relates to the operation, management and development of the financial frameworks within which the organisation operates in, and supported by its internal financial policies and procedures;
- Liability risk – which relates to the organisation’s services, products, information or behaviours that results in legal action against the organisation or its officers;
- Personnel risk – which relates to the safety, occupational health or well being of the organisation’s staff;
- Service delivery risk – which relates to failures in the provision of its services and how these may impact the organisation, and finally
- Technology risk – which relates to the security, safety, function and management of the organisation’s technology systems and processes.
A further aspect to consider
is the extent to which the implementation of a Risk Management Framework represents
challenges to your organisation in terms of implementation. This may require an
effective change management strategy in order to maximse successful implementation.
OPTIMUM NFP has
worked with many nonprofits in designing and implementing Risk Management
Frameworks which respond directly to the unique organisational requirements whilst
maintaining the important elements of the Australian Standards.
Further
information regarding the work of OPTIMUM NFP in this area can be found by
following this URL - https://www.optimumnfp.com.au/services/risk-management.html
Contact David Rosenbaum of OPTIMUM NFP at drosenbaum@optimumnfp.com.au or 0411-744-911 to further
discuss your requirements and how your nonprofit may benefit from the work we
do in this very important area.
In response to the change management challenges that may
be connected to successful implementation, keep an eye out for the forthcoming
NFP Change Management Masterclass being held in Sydney on Wednesday 12th
September 2018, where participants will be introduced to NFP specific change
management approaches which have directly resulted from this ground-breaking
research. You can register your interest by following this URL - https://www.optimumnfp.com.au/masterclass.html
No comments:
Post a Comment