Resources: Client Service | Media & Publications Centre | Advocacy | Links | Search

Home > Resources > Advocacy > Not-For-Profit Groups Resource Link

resources

• client service
• media & publications centre
• advocacy
• direct assistance
• not-for-profit groups resource link
  • nfp faq 1
  • nfp faq 2
  • nfp faq 3
  • nfp faq 4
• insurance crisis factsheet
• links

The Risk Management Process

What is risk management?

Risk management is a process whereby the possibility of risk and problems is considered and identified and steps taken to minimise or avoid such risks and problems. The process also assists in identifying just what risks are more likely to eventuate - thus permitting an organisation to more effectively prioritise in terms of risk management strategies.

In order to effectively manage risks it is necessary to answer 3 basic questions:

• What can go wrong in my organisation?
• What can my organisation do to prevent or minimise this?
• What can my organisation do if something goes wrong?
• The risk management process

The risk management process involves 5 basic steps

Step 1 - Establishing the context

That is, identify what is actually at risk. In this regard it is helpful to consider the following:

• The relationships enjoyed by the organisation.
• The relevant laws etc relating to the operation of the organisation.
• The aims and objectives of the organisation.
• The personnel - internal and external - involved in the organisation.
• The capabilities of the organisation.
• The organisation's current risk management strategies (if any).
• Does the organisation have an "acceptable risk level"?

Step 2 - Identifying risks

The organisation should ask the following questions:

• What can happen and when, where, how and why might it occur?
• Who and what might be involved?
• What are the potential effects and who will be affected?

Step 3 - Analyse the risk

Identify the likelihood of an event occurring and cross reference this against the severity of the consequences of the event. Obviously if a potential risk has a high likelihood rating and has potentially severe consequences then it is one that should be given high priority in terms of implementing a risk management strategy.

Step 4 - Evaluating the risk

this step will assist the organisation in establishing priorities in risk management strategies. It can then be determined which of the following responses should be adopted:

• Accepting the risk
• Avoiding the risk
• Reducing the risk
• Transferring the risk

Step 5 - Monitor and review

Once the strategies have been implemented it is necessary, on an ongoing basis, to assess such implemented strategies (monitoring) and the effectiveness of same and the organisation's environment (reviewing).