Insight

ERM: A systemic approach to reducing your nonprofit’s risks

ERM: A systemic approach to reducing your nonprofit’s risks | risk management plan for nonprofit organization | WCS | Baltimore, MD

Do you associate enterprise risk management (ERM) with for-profit businesses? This systemic approach to risk reduction can be just as effective when adopted by nonprofit organizations. Even organizations with limited resources can — and should — use an ERM process to combat threats.

Weighing risks

ERM is a comprehensive program that considers an organization’s entire portfolio of risks. Rather than attacking every risk equally, ERM compares risks and strategically deploys resources depending on their likelihood and potential impact.

You might also have different tolerances for different kinds of threats — for example, be mildly cautious about reputational risks and very averse to financial risks. With ERM, you can contain those risks with the greatest potential impact and respond nimbly to others.

Using it effectively

Experienced financial advisors and risk-management consultants can help you set up an ERM program. Generally, you’ll want to start by establishing a risk management governance structure with assigned roles and responsibilities. Your nonprofit’s executives and board should define the organization’s risk tolerance and make clear its commitment to the program.

Next, your organization will want to:

Assemble a cross-departmental committee to develop the program. Different departments may have different perspectives on certain risks. For example, a finance manager might think inaccurate reporting of program information is less consequential because it’s unlikely to affect revenues or expenses. Your public relations manager may disagree, arguing that such errors could affect how donors and other supporters view your nonprofit.

Conduct a risk assessment. The committee’s first task is to identify risks. It shouldn’t rely on its own knowledge, but should conduct interviews with management and staff and, possibly, clients. Then, the committee will be ready to rank risks based on your organization’s tolerance and their potential impact. Which are most likely to occur? Which could cause the most harm? The bottom line: Which threats are most likely to prevent you from accomplishing your mission?

Create and implement a plan. Once risks are identified and prioritized, the committee can devise a plan to mitigate them appropriately. For each risk, it should determine whether to accept, reduce or avoid it. And it should implement controls, processes and procedures accordingly. The committee is then charged with rolling out the plan. This should include communicating it throughout the organization.

Review and revise. ERM is an ongoing process, with continual monitoring of key risks and key performance indicators to ensure appropriate adjustments. Be sure to update your initial risk assessment to reflect organizational changes (for example, new staff or services), as well as changes in the legal and regulatory environment.

Cost-effective method

Once it’s established, you should be able to manage an ERM program with internal staff and board input. So, it’s a fairly cost-effective method of containing threats. Talk to us about adopting ERM.

© 2020

 

Related Insights

Unlock your child’s potential by investing in a 529 plan | tax preparation in cecil county | Weyrich, Cronin & Sorra

Tax Prep, Planning & Strategy

Unlock your child’s potential by investing in a 529 plan

If you have a child or grandchild planning to attend college, you’ve probably heard about qualified tuition programs, also known as 529 plans.…
The amount you and your employees can save for retirement is going up slightly in 2025 | tax accountants in washington dc | Weyrich, Cronin & Sorra

Employee Benefit Plan Audits

The amount you and your employees can save for retirement is going up slightly in 2025

How much can you and your employees contribute to your 401(k)s or other retirement plans next year? In Notice 2024-80, the IRS recently announced…
Business alert: BOI reporting requirements have been suspended for now | accounting firm in baltimore md | Weyrich, Cronin & Sorra

Management Advisory Services & Business Consulting

Business alert: BOI reporting requirements have been suspended for now

New beneficial ownership information (BOI) reporting requirements that many small businesses were required to comply with by January 1, 2025,…

Connect with us

Use the form below to send us an email. WCS responds directly to all inquiries and general questions within 24 hours of posting.

This contact form is deactivated because you refused to accept Google reCaptcha service which is necessary to validate any messages sent by the form.