Responding to Risks

Posted by: Australian Centre for Philanthropy and Nonprofit Studies
Queensland University of Technology

The final step in preparing your risk management plan is to develop a response for each of the risks you have identified. This section explains how this can be done. Starting with category A risks, go through the Risk List and develop responses to each of the risks that you have identified. (Note: each risk in categories A, B, and C should have at least one response, but may have more!)

In working out your responses, think about the following approaches to dealing with risk:

  • Avoiding The Risk
  • Transferring The Risk
  • Controlling The Risk
  • Insuring Against The Risk
  • Accepting the Risk

These five approaches are discussed in more detail below.

 

Avoiding The Risk

One way to reduce risk is to stop doing whatever it is that creates the risk. For example, many organisations use cheques or direct deposits to avoid risks associated with having large amounts of cash on the premises. Some organisations have informal practices where blank cheques are signed by one co-signatory, with the other co-signatory filling out the details at a later stage. Sensible organisations, and people who countersign cheques, invariably avoid this practice.

 

Transferring The Risk

Risk transfer occurs when you get someone else to bear the risk for a particular activity. For example, a child care centre might seek to transfer the risks associated with an outing by having parents sign a form waiving their rights to sue if their child is injured. Similarly, if you are purchasing a new computer, you will probably want a warranty.

Warranties are a means of spreading risks from one party (the person buying the equipment) to another party (the organisation selling the equipment). Remember however that there is often a cost in transferring risks to another party. For example, extended warranties can be purchased for office equipment, vehicles, and so forth. These warranties transfer certain risks to another party, but clearly at a price.

 

Controlling The Risk

Work though each of the risks you have identified and see if there are ways that you can reduce the likelihood of the risk occurring or of lessening the consequences of the risk. Some common strategies which can be used both to decrease the likelihood of risk, and lessen the consequences, include:

  • Make sure that there are clear procedures in place for areas with identified high risks. These procedures might include what to do in the event of fire, procedures for dealing with hostile clients or financial management procedures.
  • Provide adequate supervision for high risk areas. For example, where inexperienced staff is dealing with potentially hostile clients, it is important that adequate supervision be provided.
  • Provide information - people need to know what to do if they are exposed to a risk. Consider “fire exit” signs, “warning” signs near hazardous materials and so forth. Information on how to use equipment and what to do in the event of accidents should be readily available.
  • Keep things in order - prompt repairs, removal of rubbish, and generally maintaining a clean and tidy work environment does a lot to lessen the frequency and impact of risks. An added benefit of keeping things in order is that it makes for a more pleasant environment.
  • Provide training - the likelihood of risk will be greatly reduced when staff and volunteers have received proper training, for example in managing difficult clients.
  • Look for technological solutions - many risks can be reduced this way. Fire alarms and extinguishers, personal alarms, and burglar alarms each serve to lessen risks. Technical solutions should be used on a case by case basis, and should generally be used where the cost of the risk being covered exceeds the cost of technology.
  • Make backups - the impact of the loss, theft or damage of files can be reduced if paper and computer copies or backups of important files are kept. It is good practice to store copies in a separate place to the original documents, and to back up files regularly on the computer.
  • Assign responsibilities and be clear about who can represent your organisation in different settings, sign cheques, enter into contracts, make media releases or represent your organisation's policy position at public events.