CalNonprofits Insurance Services

Become a Risk Management Superhero

Print Friendly, PDF & Email

Risk is the chance of loss.  A severe loss to your organization can cause injuries to people, damage of property, and damage to reputation.  This can result in substantial business interruption and monetary loss.  Sometimes people think of gambling when they think of risk. However, with gambling there is the chance of gain as well as loss.  Risk management is the process of identifying and handling the risks faced by your organization. By actively engaging in this process you can become a Risk Management Superhero for your nonprofit!   

You should care about risk management because it can ensure the safety of your staff and the people you serve as well as the sustainability and reputation of your organization. It would be terrible to permanently close some or all your  operations  because there was no plan in place for dealing with risks we all face.  The risk management plan gives staff a blueprint for handling the risks and “bakes in” the idea of risk management for the entire team.  Risk management should be connected to your mission. By managing risks appropriately, you can make sure your organization survives to continue your mission and the valuable services you provide.    

Risk Management Process

There are 5 steps to the risk management process –  

  • Identify risks.  There are many ways to go about identifying the risks your operations and organization face.  Use as many brains as possible – everyone has a different point of view and may find additional risks.  Checklists and other tools can help in the identification process. Review contracts for risks the organization has accepted. 
  • Analyze and rank risks. Analyze the identified risks for impact severity and potential frequency.  Each identified risk should be analyzed and assessed for impact and prioritized. 
  • Evaluate options for handling each risk based on the potential severity and frequency.  The major methods for handling risks include
    • Avoid – eliminate or stop the activity (high impact/cost, low reward).
    • Reduce – take steps to minimize the risk such as safety equipment, modifications to processes. 
    • Transfer/Share – Transfer the risk to another party – this is usually done via a contract.  Insurance is a contract and one that transfers risks from the organization to the insurance company.   
    • Retain – do nothing – you accept the risk (low impact, low potential cost) – make a plan to pay for the risks you retain! 
  • Implement Plan – Implement the controls identified above, purchase insurance, enter into contracts, implement safety controls, and train staff.  
  • Review and Evaluate – Risk management is a continuous process and must be reviewed, evaluated, and adjusted for effectiveness periodically. Each new program should be taken through the risk management process.  

Business Continuity Plan

Business Continuity Plan (BCP) is the documented risk management plan for ensuring the continuance of operations in the event of a disaster.  The plan should document the steps that individuals need to take depending on the type of disaster and shut down. The process to create the BCP is similar to the larger risk management plan –  

  • Identify the types of interruption or shut down 
  • Analyze the functions and how you can recover
  • Explore strategies for handling and examine gaps in capabilities 
  • Develop the Plan 
  • Test and review periodically – since the plan is for future shutdowns it should be tested periodically and reviewed for changes. 


Most of our carriers have risk management resources available that are specific to nonprofits.  In addition, we are an affiliate of the Nonprofit Risk Management Center.  We offer their discounted online Risk Management Planning Tool that will walk you through the steps of creating a risk management plan for your organization. CalNonprofits Insurance Services is providing sponsored registration for the upcoming 2020 Virtual Risk Summit so that our clients can attend at no cost to them. Contact us today to assist with building your risk management plan!   


CalNonprofits Insurance Services Risk Management

Managing Risk for a Successful Nonprofit Organization

No Business Continuity Plan? Take These 4 Steps

Vector image by VectorStock / vectorstock

About the Author

  • Colleen has over 20 years of experience crafting insurance programs for nonprofits, she is an insurance geek and actually enjoys reading insurance policies and forms. If she isn’t working, you can find her scuba diving in exotic locations or cooking up delicious meals for her family (husband, 4 children, 3 grandbabies, and Abby the incredible McNab).

Leave a Reply

Your email address will not be published.