Ten Golden Rules of Risk Management
Table of Contents
Risk management is an ongoing process and is the responsibility of everyone on your committee. In this article, we’ll explore a framework called the Ten Golden Rules which can help you think about ways that you can develop a culture for risk identification, management and monitoring.
1. Make it a regular thing
Make risk management part of your day to day operations. Make sure that everyone in your committee is educated, consulted, and communicated with, about risk management.
Include a broad range of stakeholders, such as your committee, members, and volunteers.
Risk is often seen as a negative, so promoting a healthy, continuous, improvement culture, rather than a fearful culture, can help the whole team adopt a positive approach.
2. Identifying Risks
Focus on ways you can identify risks early on. Some things you can do, include, speaking to members of your team and people outside of your committee who have expertise in this area.
This can be done in a one on one interview or group brainstorming session. In addition, conduct a review of any key organisational documents, which may detail potential risks, such as, your strategic and operational plans and your quality improvement plan.
3. Communicating the Risks
This rule is all about communicating the risks. It is quite common for committees to realise they could have avoided problems, if they provided their members and volunteers, greater opportunity to communicate the risks they see.
Making the topic of risk, an ongoing agenda item, demonstrates the value placed in this area by your committee. It will also provide people with a natural moment to raise any potential risk concerns and discuss existing ones.
4. The Opportunities of Risks
This might be a different approach for you. We usually think about risks as being negative and damaging, however, risks can provide opportunities as well.
For example, you may have identified a risk of loss of funding. However, this might provide an opportunity to expand and diversify your funding sources.
5. Allocate an Owner to the Risk
Clarify ownership issues. Once your list of potential risks has been established, the next step is to allocate a risk owner to each risk. This person is responsible for monitoring the situation, and carrying out the actions.
It’s important for your committee to distinguish the role of governance and management. For example, particularly in more strategic risks, like committee succession planning
6. Prioritise Risks
Rank your risks in order of most likely to least like to happen. Also rank the severity of consequences if the risk was to occur.
For example, if holding a fun run, the risk of a runner and falling and twisting their ankle could be quite likely. The risk of someone having a heart attack is less likely, but the consequences are more severe.
7. Strategic Approach
Create a strategic approach to analysing risks. When analysing risks, you need to look from two different perspectives – the cause, and the effect.
8. Plan and Implement
Plan and implement your risk responses. There are three different ways to deal with a threat.
You could avoid it. For example, not using a certain supplier.
You could minimise it, for example, by using non-slip mats in wet areas.
Or, you could accept the risk, for example, loss of knowledge from key people leaving your committee.
9. Create a Register
Create a risk register. As a committee, you should know the details of risk, the mitigation strategy, and how it’s being monitored.
10. Track Risks and Tasks
Consider how you’ll track risks and their associated tasks. The reports you receive at either a sub-committee or committee level, help you keep updated on risks. Your policies and procedures also play a key role in helping to minimise risk.
By following these 10 simple rules and creating a risk management plan, you will help protect your organisations from risks. Of course, it’s possible to avoid every risk your organisation will face, but with a risk management plan in place, you will have a clear strategy to deal with risks, if and when they occur.
Remember, risk management is the responsibility of the whole committee.