Table of Contents
Part I Nonprofit Risk and Mitigation 1
Chapter 1 Thinking About Risk 3
What's Special About Nonprofit Risk? 5
The Nonprofit Business Model Creates Risks for Many Nonprofit Organizations 5
6 Common Warning Signs of Underlying Risk 6
What Is Risk? 7
Types of Risk 8
Dimensions of Risk 8
Categories of Risk 9
5 Operating Risks in Key Organizational Pillars 9
Why Nonprofit Enterprise Risk Management Matters 9
Risk Profile 10
Appetite for Risk 11
Summary 11
Chapter 2 Getting Started with Enterprise Risk Management 13
Defining Enterprise Risk Management 13
Getting Started with Enterprise Risk Management 14
Teeing Up the ERM Planning Process 15
Stage 1 Readiness and Rollout 17
Step 1 Taking Stock of Your Organization and Its Readiness for ERM 17
Step 2 Find Champions and Build a Team 20
Step 3 Engage Managers, Staff, and Board in Risk Assessment 20
Step 4 Frame out the Process 22
Stage 2 Risk Identification and Assessment 22
Step 1 Risk Identification 23
Step 2 Risk Assessment 26
Step 3 Organize and Describe Risks 28
Tools for Risk Assessment 30
Likelihood/Impact Matrix 32
Moving to ERM Mitigation Planning 33
Summary 34
Chapter 3 Risk Mitigation Plan Development & Monitoring 35
Turning Your Risk Assessment into a Risk Mitigation Plan 36
Step 1 Develop an Enterprise Risk Policy that Describes the Overall Framework for ERM Activities 38
Step 2 Use Tools to Develop Mitigation Action Plans (MAPs) to Manage Risk Management Activities 39
Step 3 Develop a Reporting Process to Monitor the Status and Completion of Risk Mitigation Activities 40
Step 4 Develop Indicators to Track and Report Risk, Summarize Mitigation Activities and Document Resolution 41
Step 5 Create a Schedule for Monitoring ERM Plan Implementation and Reviewing the Effectiveness of Mitigation Strategies 44
Creating a Risk Register and Risk Mitigation Log 45
Reporting and Mitigation Accountability Strategies 48
A Note on Residual Risk 48
Implementing Your ERM Plan and Monitoring Risk 48
Summary 50
Chapter 4 Making It Work 51
Getting Started 51
The Nonprofit Risk App 54
Navigation (Top Controls) 55
Tab Bar (Bottom Controls) 56
Readiness and Rollout 56
Risk Identification and Assessment 57
Building the Risk List 58
Turning the Risk List into a Risk Register 60
Risk Mitigation Plan Development & Monitoring 62
Summary 64
Part II Nonprofit Operating Risk 65
Chapter 5 Programs & Services 67
Focusing on Mission 68
What to Watch For 69
Prevention 70
Mitigation 70
Providing Programming & Services 71
What to Watch For 71
Prevention 72
Serving the Public: Patrons, Audiences, and Clients 73
What to Watch For 73
Prevention 73
Working with Other Organizations 75
What to Watch For 75
Prevention 75
Mitigation 76
Planning for Sustainability, Resizing, and the Future 76
What to Watch For 76
Prevention 77
Mitigation 78
Summary 78
Chapter 6 Personnel 79
Working for Good 79
Personnel in Action 80
What to Watch For 80
Conflicts of Interest 81
What to Watch For 81
Prevention 82
Conflicts of Role 83
What to Watch For 83
Prevention 83
Working with Management 84
What to Watch For 84
Prevention 84
Mitigation 85
Managing Credentials and Performance Appraisals 85
What to Watch For 86
Prevention 86
Summary 86
Chapter 7 Environment, Regulatory, and Compliance Issues 87
Managing in the Community and Operating Environments 87
What to Watch For 88
Prevention 89
Managing Compliance and Regulations 90
What to Watch For 90
Prevention 91
Responding to Catastrophic Environmental Risk 91
What to Watch For 92
Being Part of the Nonprofit Environment 92
What to Watch For 93
Prevention 93
Summary 94
Chapter 8 Finance 95
Managing the Organization's Cash, Investments, and Financial Reputation 95
What to Watch For 95
Prevention 97
Mitigation 98
Accounting for Grants, Activities, and Overhead 98
What to Watch For 99
Prevention 99
Mitigation 100
Dealing with Discretionary, Ad Hoc, and Emergency Situations 100
What to Watch For 101
Prevention 101
Mitigation 101
Summary 101
Chapter 9 Fundraising 103
Working with Grants and Funders 104
What to Watch For 106
Prevention 107
Mitigation 108
Managing the Donor Base 108
What to Watch For 109
Prevention 109
Fundraising Events 110
What to Watch For 110
Mitigation 111
Summary 111
Chapter 10 Marketing, Communications, and Reputation 113
Focusing on Mission and Partners 114
What to Watch For 114
Prevention 115
Mitigation 116
Calendaring 116
What to Watch For 117
Prevention 118
Mitigation 118
Messaging 119
What to Watch For 119
Prevention 119
Mitigation 120
Managing the Economic Model 121
What to Watch For 122
Prevention 122
Mitigation 123
Summary 123
Chapter 11 Operations 125
Handling Operational Tax Issues in Nonprofit and Nongovernmental Organizations 125
What to Watch For 125
Prevention 126
Mitigation 126
Reviewing Basic Operational Risks for Organizations: Document and Data Retention 127
What to Watch For 127
Prevention 127
Reviewing Basic Operational Risks for Organizations: Disaster Recovery 128
What to Watch For 129
Precautions 129
Preparing for Business Interruption 130
What to Watch For 130
Handling Failure of Key Partners 130
What to Watch For 131
Summary 131
Chapter 12 Technology & Data 133
Staying on Top of Cyber Continuity 133
What to Watch For 134
Prevention 135
Mitigation 135
Working with Organization-wide Systems and Standards 135
Prevention 136
Mitigation 136
Maintaining Functional Systems and Standards 136
What to Watch For 137
Prevention 137
Keeping in Touch with Web and Social Media 138
What to Watch For 138
Prevention 138
Organizing Hardware, Networks, Devices, and Technology Skills 139
What to Watch For 139
Prevention 139
Developing and Acquiring Systems, Data, Apps, and Projects 140
What to Watch For 140
Prevention 141
Summary 141
Chapter 13 Board Governance and Oversight 143
Creating a Nonprofit or Nongovernmental Organization 144
What to Watch For 144
Founderitis (Founder Syndrome) 144
Prevention 145
Maintaining a Sustainable Board 147
What to Watch For 147
Prevention 148
Summary 149
Moving On 150
Index 151