SlideShare a Scribd company logo

New Risk Management Paradigm for Not-For-Profits

David X Martin
David X Martin

See the attached I co wrote with Christine McMahon, President and CEO of Fedcap.

Career
1 of 7
Download to read offline
ByChristineMcMahon andDavidXMartin THE NEWRISK PARADIGM FOR NOT-FOR- PROFIT ORGANIZATIONS The Power of Possible
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 2 Essential Questions Senior Management Must Consider I n the past few decades, the business landscape for the larger, more complex, not-for-profits that provide social services has changed dramatically. In addition, the integration of social values within for- profit companies has further blurred the line between for-profit and not-for-profit organizations, resulting in greater competition in the social services sector, and more choices for consumers of those services. Furthermore, the Internet has made the number and nature of those offerings more visible and accessible, and as a result consumers have become more savvy, and more demanding. These changes, as much philosophical as practical, have also led not-for-profit companies to provide more of their services through ‘contracted’ programs—that is, programs with far more stringent terms, in an attempt to reduce costs and alleviate fiscal deficits. Even more importantly, there has been a major philosophical shift away from contracts that pay for services rendered, and toward contracts that pay based on achieved goals, outcomes, or measurable impact. If, for example, your agency was once paid to provide job training skills, it is now more likely to be paid based on how many clients in your program actually secure employment. Thus, the need to achieve measurable objectives—whether those objectives are commercial or social—is now as much a requirement for not-for-profit as it has long been for for-profit organizations. This, in turn, has exponentially increased not only the day-to-day risks of not-for-profits, but in some cases threatened their very survival. As a result, senior management of not-for- profits is faced with a somewhat new and daunting challenge—i.e., the need to create an infrastructure capable of synthesizing vast amounts of information, connecting the dots across a myriad of programs, and simultaneously integrating business strategy, goals, and risk management. The failure to do so—at least historically—was usually due to a pervasive fear- based approach that was primarily backward- looking, and focused on flat financial metrics and ratios. As a result, hidden risks were often left uncovered, problems that kept organizations from achieving their goals were not anticipated, and risk mitigation strategies, if any, were ineffective. Risk management, in fact, whether adapted to for-profit or not-for-profit enterprises, requires a forward looking approach—one that is integrated with business strategies and goals to achieve measurable results in a continually changing environment. Therefore, the new risk paradigm for not-for- profits forces management to consider two separate aspects of risk management—the first strategic, and the second organizational. Succeeding in the former requires thinking about risks throughout the organization. Succeeding in the latter entails the creation of a risk-centric culture, both empowering management and employees to effectively deal with risk, and demanding that they execute enterprise-wide initiatives related to those risks. Turning first to Strategic Risks, management must begin with a short inquiry into the most fundamental aspects of the not-for-profit business model.
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 3 1. Do we fully understand our risk exposures? 2. Are our risk exposures appropriate to our objectives, our appetite for risk, our resource levels, and our desire for long-term sustainability? F irst and foremost, senior managers must ensure that all risks facing the enterprise have been properly identified and measured. This process should start at the business unit level, where program managers intimately familiar with their individual landscapes can adopt an appropriate risk management framework, and establish an ongoing risk-based dialog with the senior management. Together they can then discuss current and emerging risks in detail, establish risk limits, and put specific action triggers into place. The next critical step is a holistic enterprise-wide view of risk—one that transcends individual business segments and/or programs—established at the senior executive and board level. Once defined, the strategic implications of each type of risk must be contrasted with resource adequacy and availability, leading to a clear understanding of how each risk can and ought to be managed. I n addition to proper risk identification and measurement, strategic deliberations by senior management must establish an explicit link between risk, resources, and strategy. To avoid surprises and ensure that a not-for-profit does not respond to pressures through Given the complexity of the modern world— again, in both the private and public sectors— senior management must also regularly devote time to discussing the so-called unknown unknowns — that is, events and risks beyond the scope of traditional discovery processes and systems, in addition to business-as-usual risks. For example, an acknowledged but unknowable unknown in a not-for-profit might involve apolitical or philosophical change in the way state and local governments view their funding, emerging business models, or changes in the competitive environment (including for-profit service providers). Another unknown unknown might concern the not-for-profit’s long-term sustainability. Finally, questions pertaining to clarity of purpose, strategic responsiveness, and engagement of key stakeholders should also be regularly discussed so that unknown unknowns show up at the table. blind risk and leverage, the organization’s risk appetite must be fully aligned with funding and service targets, and vice versa. In other words, senior management must fully understand and approve the amount of risk required to achieve the organization’s stated objectives and goals.
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 4 3. Is our organization adequately dynamic from the viewpoint of risk management? 4. How do risk and uncertainty factor into our strategic decisions? T he lack of organizational dynamism—i.e., a company’s ability to detect coming crises and environmental changes, understand their potential impact, and develop the agility to react in a timely fashion—was a common feature of for-profit companies that failed during the recent financial crisis, and not-for-profit companies whose traditional approach no longer worked in the post-crisis environment. Senior management can and should play an important role in ensuring that a company is well-prepared to withstand volatility, crises, T he recent financial crisis revealed profound disconnections between executive decision-making and risk management. Nor were not-for-profits immune to this way of thinking, since they generally thought of risk management from a largely defensive perspective. Furthermore, because not-for-profits have not traditionally been associated with corporate agility, they have tended not to develop the sort of resiliency on which commercial ventures depend. For that reason, strategic decisions—again, in the public as well as the private sectors—have often been focused on business and customer strategies, new product development, and disruptive technologies, and other changes in the market, and in its competitors. An integrated risk management framework, early warning systems, and comprehensive contingency plans must be continually reviewed by Senior Management and the Board of Directors, and included in all strategic discussions. Finally, questions pertaining to clarity of purpose, strategic responsiveness, and engagement of key stakeholders should also be regularly discussed so that unknown unknowns show up at the table. pursuit of market share, with risk management remaining an afterthought—that is, a sort of police function used to check on safety and soundness only after strategic and investment decisions had already been made. To remedy this after-the-fact approach, the role of risk in a not- for-profit’s business model must be continually reevaluated by senior management, thus making risk management an input into strategic decisions and governance. Continually asking fundamental questions in rigorous yet practical ways vastly improves the effectiveness of senior management, helping them steer their not-for-profits through the ever more difficult conditions of the modern global environment.
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 5 1. Do we have an integrated firm-wide risk management process? 2. Are professionals at all levels empowered to manage risk? E ffective risk management is achieved through comprehensive risk reporting, governance policies and limits, escalation procedures, action triggers, and dynamic and integrated firm-wide processes. As a pre-requisite to all of the above, the not-for-profit must possess an analytical system capable of properly identifying, measuring, and aggregating all risks across the enterprise. Equally important, an appropriate ‘risk mindset’ must be adopted throughout the organization. Furthermore, once that mindset is in place, risk exposures and the risk analysis of key business initiatives must be routinely discussed. Senior Management must also ensure that relevant risk measures are among the key metrics monitored by program managers on a daily basis. Lastly, senior management must ensure that risk issues are handled proactively, and communications across program units F or the risk management of a large, complex not-for-profit to be effective, it must be built not only into every part of the decision- making process, but also every into control mechanism throughout the organization. Toward that end common risk management language must be established throughout the organization, are open and effective. In this regard, red flags to be watched and immediately addressed include 1) excuses that specific risks do not lend themselves to quantitative measurement, 2) that certain risks are the “nature of the business” and therefore should not be monitored or managed, and 3) that phrases like “don’t worry,” “this is a low probability event,” or “local managers have it all under control” are stricken from the organization’s vocabulary. Instituting a rigorous firm-wide risk process also ensures that directors do not start questioning senior managers about risks that the corporation has undertaken only after it is too late. The White House situation room, to give but one example, employs a ‘tripwire system’ that monitors pre-determined events to ensure that strategists continually reassess the changing environment. along with clearly delegated responsibilities for managing risk at all levels. Finally, leadership and risk management structures must be correctly aligned with the not-for-profit’s business model, and the right balance established between competing priorities and constituencies. Organizational Risk Management by senior leadership is equally critical, since it is no longer enough to assume that risk is being properly measured and managed as strategies are set, and certain results are sought. For those reasons successful organizational risk management entails its own set of important questions.
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 6 3. Does the Not-for-Profit have an appropriate risk management culture? A ccording to Jim Collins, the author of Built to Last and Good to Great, “companies that survive periods of great tumult and duress have an incredible fabric of values.” Given that it is precisely these values that help successful companies fulfill their missions and strategic visions—and in so doing create lasting value—senior managers must be committed to the creation of an effective risk culture. There are specific signs that a not-for- profit is on the right track in this regard, and that risk management has become part and parcel of a not-for-profit’s DNA and immune system. First, the board assumes the ultimate responsibility for risk oversight responsibility. Second, the board declares its ethical stance. And third, the board, establishes clear measures of success, using well understood metrics for risk appetite, and risk limits. Toward those ends, the board also delegates responsibility to the appropriate authorities for risk management across the enterprise. Risk training and awareness programs are also in place throughout the organization, with senior line managers and risk professionals responsible for formal post-mortems of major mistakes. Senior management also ensures that management incentives encourage responsible and value- added risk taking, and emphasize the importance of embedded risk management processes in the organization’s decision-making and communications. Rewards must also be consistent with desirable behaviors, and employees must know what is expected and what will not be tolerated. With such a risk culture in place, silos will be broken down, open communication will be encouraged, and risk successes will be publicized and imitated. And when this happens, employees will make better decisions, keep their not-for- profit out of harm’s way, and reduce potential legal liabilities and reputational risks.
NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 7 Conclusion R isk management is the most efficient framework for critical strategic and investment decisions, not merely a policing function. Therefore, the new risk paradigm for not-for-profit governance presents visionary senior managers with a unique opportunity. In normal economic environments, strategic management of risk leads to lasting social value creation. During crises, it limits losses and ensures survival. Along with that opportunity, however, comes the need for unrelenting hard work, constant vigilance, and inspired, enthusiastic leadership. This article, specifically adapted for not-for-profits, is based on an article by Martin and Tillman published in Chief Executive Magazine in 2011. Christine McMahon is President and CEO of Fedcap Rehabilitation Services, Inc., a national nonprofit committed to creating opportunities for people with barriers to economic well-being, is a highly regarded national presenter on nonprofit leadership, and is a member of the U.S. Secretary of Labor’s Advisory Committee for Individuals with Disabilities. David X Martin is a former Chief Risk Officer, as well as Founding Chair of the Investment Company Institute’s Risk Committee. He is an Adjunct Professor, Author, Special Counselor to the Center for Financial Stability, and currently consults for a number of financial institutions, and provides expert witness testimony. Put another way, risk management must be transformed into a cornerstone of effective strategic decision-making and corporate governance in not-for-profits—a critical element of the organization’s foundation that fully supports operations, organizational structures, and corporate culture. Of course there is another solution, as W. Edward Deming famously noted: “It is not necessary to change. Survival is not mandatory.” It is up to senior management of not-for-profits to make that decision.

Recommended

CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinDavid X Martin
 
CISSPills #3.03
CISSPills #3.03CISSPills #3.03
CISSPills #3.03Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 DecXavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 DecLaura Tibbo
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeCareer Communications Group
 
Building an Effective AML Program
Building an Effective AML ProgramBuilding an Effective AML Program
Building an Effective AML ProgramCorporater
 
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...Светла Иванова
 
Coordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCoordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCognizant
 
CISSPills #3.04
CISSPills #3.04CISSPills #3.04
CISSPills #3.04Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 

Recommended

CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinDavid X Martin
 
CISSPills #3.03
CISSPills #3.03CISSPills #3.03
CISSPills #3.03Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 DecXavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 DecLaura Tibbo
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeCareer Communications Group
 
Building an Effective AML Program
Building an Effective AML ProgramBuilding an Effective AML Program
Building an Effective AML ProgramCorporater
 
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...Светла Иванова
 
Coordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCoordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCognizant
 
CISSPills #3.04
CISSPills #3.04CISSPills #3.04
CISSPills #3.04Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCPRon Andrews
 
An Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management ApplicationAn Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management ApplicationResolver Inc.
 
Risk Management Frameworks
Risk Management FrameworksRisk Management Frameworks
Risk Management FrameworksDaniel Kapellmann Zafra
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10David X Martin
 
Risk Management in Business
Risk Management in BusinessRisk Management in Business
Risk Management in Businesspaperpublications3
 
From checkboxes to frameworks
From checkboxes to frameworksFrom checkboxes to frameworks
From checkboxes to frameworksAndréanne Clarke
 
Security Maturity Model
Security Maturity ModelSecurity Maturity Model
Security Maturity ModelConferencias FIST
 
Risk - IT Services
Risk - IT ServicesRisk - IT Services
Risk - IT ServicesNema Chhaya Buch
 
Delivering stronger business security and resilience
Delivering stronger business security and resilienceDelivering stronger business security and resilience
Delivering stronger business security and resiliencezadok001
 
How well are you managing risk
How well are you managing riskHow well are you managing risk
How well are you managing riskGregg Barrett
 
Common failures of risk management
Common failures of risk management Common failures of risk management
Common failures of risk management Surajit Datta
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...WolfPAC - Integrated Risk Management
 
Agiliance Risk Vision
Agiliance Risk VisionAgiliance Risk Vision
Agiliance Risk Visionagiliancecommunity
 
Integrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: BenchmarkingIntegrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: BenchmarkingResolver Inc.
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
Int:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will AndersonInt:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will AndersonResolver Inc.
 
2010; Risk Management Workshop Rev.1.1
2010; Risk Management Workshop Rev.1.12010; Risk Management Workshop Rev.1.1
2010; Risk Management Workshop Rev.1.1Muhammad Ector Prasetyo
 
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENTTHE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENTIJNSA Journal
 
Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureAndrew Smart
 
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIESBUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIESMark Evans
 
The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...Albert Vilariño
 

More Related Content

What's hot

Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCPRon Andrews
 
An Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management ApplicationAn Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management ApplicationResolver Inc.
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10David X Martin
 
From checkboxes to frameworks
From checkboxes to frameworksFrom checkboxes to frameworks
From checkboxes to frameworksAndréanne Clarke
 
Delivering stronger business security and resilience
Delivering stronger business security and resilienceDelivering stronger business security and resilience
Delivering stronger business security and resiliencezadok001
 
How well are you managing risk
How well are you managing riskHow well are you managing risk
How well are you managing riskGregg Barrett
 
Common failures of risk management
Common failures of risk management Common failures of risk management
Common failures of risk management Surajit Datta
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...WolfPAC - Integrated Risk Management
 
Integrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: BenchmarkingIntegrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: BenchmarkingResolver Inc.
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
Int:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will AndersonInt:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will AndersonResolver Inc.
 
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENTTHE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENTIJNSA Journal
 

What's hot (19)

Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCP
 
An Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management ApplicationAn Intro to Resolver's Incident Management Application
An Intro to Resolver's Incident Management Application
 
Risk Management Frameworks
Risk Management FrameworksRisk Management Frameworks
Risk Management Frameworks
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10
 
Risk Management in Business
Risk Management in BusinessRisk Management in Business
Risk Management in Business
 
From checkboxes to frameworks
From checkboxes to frameworksFrom checkboxes to frameworks
From checkboxes to frameworks
 
Security Maturity Model
Security Maturity ModelSecurity Maturity Model
Security Maturity Model
 
Risk - IT Services
Risk - IT ServicesRisk - IT Services
Risk - IT Services
 
Delivering stronger business security and resilience
Delivering stronger business security and resilienceDelivering stronger business security and resilience
Delivering stronger business security and resilience
 
How well are you managing risk
How well are you managing riskHow well are you managing risk
How well are you managing risk
 
Common failures of risk management
Common failures of risk management Common failures of risk management
Common failures of risk management
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
 
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
 
Agiliance Risk Vision
Agiliance Risk VisionAgiliance Risk Vision
Agiliance Risk Vision
 
Integrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: BenchmarkingIntegrated Security & Risk Management: Benchmarking
Integrated Security & Risk Management: Benchmarking
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field
 
Int:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will AndersonInt:rsect: CEO Address with Will Anderson
Int:rsect: CEO Address with Will Anderson
 
2010; Risk Management Workshop Rev.1.1
2010; Risk Management Workshop Rev.1.12010; Risk Management Workshop Rev.1.1
2010; Risk Management Workshop Rev.1.1
 
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENTTHE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT
 

Similar to New Risk Management Paradigm for Not-For-Profits

Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureAndrew Smart
 
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIESBUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIESMark Evans
 
The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...Albert Vilariño
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management ProgramAlicia Edwards
 
Building an invisible framework for risk management
Building an invisible framework for risk managementBuilding an invisible framework for risk management
Building an invisible framework for risk managementhallowedblasphe76
 
Enterprise Risk Management White Paper
Enterprise Risk Management White PaperEnterprise Risk Management White Paper
Enterprise Risk Management White PaperShadowlit Ndou Sidija
 
Marsh Magazine, Issue 3 - December 2014
Marsh Magazine, Issue 3 - December 2014Marsh Magazine, Issue 3 - December 2014
Marsh Magazine, Issue 3 - December 2014Fabio Tomassini
 
Enterprise Risk Management Integrating with Strategy and Per
Enterprise Risk Management Integrating with Strategy and PerEnterprise Risk Management Integrating with Strategy and Per
Enterprise Risk Management Integrating with Strategy and PerTanaMaeskm
 
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02Mike Wilkinson
 
Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Andrew Smart
 
Enterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G NayakEnterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G NayakYashavanth Nayak
 
ERM Evolving From Risk Assessment to Strategic RiskManageme.docx
ERM Evolving From Risk Assessment to Strategic RiskManageme.docxERM Evolving From Risk Assessment to Strategic RiskManageme.docx
ERM Evolving From Risk Assessment to Strategic RiskManageme.docxrusselldayna
 
An approach to erm in the insurance industry apria 2002 rama warrier&preeti
An approach to erm in the insurance industry apria 2002 rama warrier&preetiAn approach to erm in the insurance industry apria 2002 rama warrier&preeti
An approach to erm in the insurance industry apria 2002 rama warrier&preetiRama Warrier
 
My report_donald.docx
My report_donald.docxMy report_donald.docx
My report_donald.docxGenevieveGo3
 
Perspectives-Risk-culture-starts-to-come-of-age
Perspectives-Risk-culture-starts-to-come-of-agePerspectives-Risk-culture-starts-to-come-of-age
Perspectives-Risk-culture-starts-to-come-of-ageOliver Davidson
 
OverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexOverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexKashif Ali
 
2015 global capital markets risk management study
2015 global capital markets risk management study2015 global capital markets risk management study
2015 global capital markets risk management studyLapman Lee ✔
 

Similar to New Risk Management Paradigm for Not-For-Profits (20)

Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And Exposure
 
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIESBUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
BUSINESS RISK IN MEDIUM & LARGE SCALE CORPORATE ENTITIES
 
The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...The incorporation of sustainability risks into the risk culture | Albert Vila...
The incorporation of sustainability risks into the risk culture | Albert Vila...
 
7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program7 Key Elements Of An Enterprise Risk Management Program
7 Key Elements Of An Enterprise Risk Management Program
 
Building an invisible framework for risk management
Building an invisible framework for risk managementBuilding an invisible framework for risk management
Building an invisible framework for risk management
 
CRO Insight
CRO InsightCRO Insight
CRO Insight
 
Enterprise Risk Management White Paper
Enterprise Risk Management White PaperEnterprise Risk Management White Paper
Enterprise Risk Management White Paper
 
Marsh Magazine, Issue 3 - December 2014
Marsh Magazine, Issue 3 - December 2014Marsh Magazine, Issue 3 - December 2014
Marsh Magazine, Issue 3 - December 2014
 
Enterprise Risk Management Integrating with Strategy and Per
Enterprise Risk Management Integrating with Strategy and PerEnterprise Risk Management Integrating with Strategy and Per
Enterprise Risk Management Integrating with Strategy and Per
 
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
 
Shifting into an ERM Culture
Shifting into an ERM CultureShifting into an ERM Culture
Shifting into an ERM Culture
 
Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Strategically+Speaking+October+2015
Strategically+Speaking+October+2015
 
Enterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G NayakEnterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G Nayak
 
ERM Evolving From Risk Assessment to Strategic RiskManageme.docx
ERM Evolving From Risk Assessment to Strategic RiskManageme.docxERM Evolving From Risk Assessment to Strategic RiskManageme.docx
ERM Evolving From Risk Assessment to Strategic RiskManageme.docx
 
An approach to erm in the insurance industry apria 2002 rama warrier&preeti
An approach to erm in the insurance industry apria 2002 rama warrier&preetiAn approach to erm in the insurance industry apria 2002 rama warrier&preeti
An approach to erm in the insurance industry apria 2002 rama warrier&preeti
 
My report_donald.docx
My report_donald.docxMy report_donald.docx
My report_donald.docx
 
Perspectives-Risk-culture-starts-to-come-of-age
Perspectives-Risk-culture-starts-to-come-of-agePerspectives-Risk-culture-starts-to-come-of-age
Perspectives-Risk-culture-starts-to-come-of-age
 
OverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexOverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplex
 
2015 global capital markets risk management study
2015 global capital markets risk management study2015 global capital markets risk management study
2015 global capital markets risk management study
 
Risk management
Risk managementRisk management
Risk management
 

Recently uploaded

Call Girl in Low Price Delhi Punjabi Bagh 9711199012
Call Girl in Low Price Delhi Punjabi Bagh 9711199012Call Girl in Low Price Delhi Punjabi Bagh 9711199012
Call Girl in Low Price Delhi Punjabi Bagh 9711199012sapnasaifi408
 
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位obuhobo
 
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfExperience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfSoham Mondal
 
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service Cuttack
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service CuttackVIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service Cuttack
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service CuttackSuhani Kapoor
 
Internshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateInternshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateSoham Mondal
 
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...Suhani Kapoor
 
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...shivangimorya083
 
Employee of the Month - Samsung Semiconductor India Research
Employee of the Month - Samsung Semiconductor India ResearchEmployee of the Month - Samsung Semiconductor India Research
Employee of the Month - Samsung Semiconductor India ResearchSoham Mondal
 
Notes of bca Question paper for exams and tests
Notes of bca Question paper for exams and testsNotes of bca Question paper for exams and tests
Notes of bca Question paper for exams and testspriyanshukumar97908
 
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boody
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big BoodyDubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boody
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boodykojalkojal131
 
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...Niya Khan
 
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...Suhani Kapoor
 
Dark Dubai Call Girls O525547819 Skin Call Girls Dubai
Dark Dubai Call Girls O525547819 Skin Call Girls DubaiDark Dubai Call Girls O525547819 Skin Call Girls Dubai
Dark Dubai Call Girls O525547819 Skin Call Girls Dubaikojalkojal131
 
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...Suhani Kapoor
 
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...Suhani Kapoor
 
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...Suhani Kapoor
 
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...Suhani Kapoor
 

Recently uploaded (20)

Call Girl in Low Price Delhi Punjabi Bagh 9711199012
Call Girl in Low Price Delhi Punjabi Bagh 9711199012Call Girl in Low Price Delhi Punjabi Bagh 9711199012
Call Girl in Low Price Delhi Punjabi Bagh 9711199012
 
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Patparganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位
加利福尼亚艺术学院毕业证文凭证书( 咨询 )证书双学位
 
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfExperience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
 
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service Cuttack
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service CuttackVIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service Cuttack
VIP Call Girl Cuttack Aashi 8250192130 Independent Escort Service Cuttack
 
Internshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateInternshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University Certificate
 
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...
VIP Russian Call Girls in Bhilai Deepika 8250192130 Independent Escort Servic...
 
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...
Vip Modals Call Girls (Delhi) Rohini 9711199171✔️ Full night Service for one...
 
Employee of the Month - Samsung Semiconductor India Research
Employee of the Month - Samsung Semiconductor India ResearchEmployee of the Month - Samsung Semiconductor India Research
Employee of the Month - Samsung Semiconductor India Research
 
Notes of bca Question paper for exams and tests
Notes of bca Question paper for exams and testsNotes of bca Question paper for exams and tests
Notes of bca Question paper for exams and tests
 
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boody
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big BoodyDubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boody
Dubai Call Girls Demons O525547819 Call Girls IN DUbai Natural Big Boody
 
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...
Neha +91-9537192988-Friendly Ahmedabad Call Girls has Complete Authority for ...
 
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
 
Dark Dubai Call Girls O525547819 Skin Call Girls Dubai
Dark Dubai Call Girls O525547819 Skin Call Girls DubaiDark Dubai Call Girls O525547819 Skin Call Girls Dubai
Dark Dubai Call Girls O525547819 Skin Call Girls Dubai
 
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Saharanpur Aishwarya 8250192130 Independent Escort Ser...
 
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...
VIP Call Girls Service Jamshedpur Aishwarya 8250192130 Independent Escort Ser...
 
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
 
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...
VIP Russian Call Girls in Amravati Deepika 8250192130 Independent Escort Serv...
 

New Risk Management Paradigm for Not-For-Profits

  • 2. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 2 Essential Questions Senior Management Must Consider I n the past few decades, the business landscape for the larger, more complex, not-for-profits that provide social services has changed dramatically. In addition, the integration of social values within for- profit companies has further blurred the line between for-profit and not-for-profit organizations, resulting in greater competition in the social services sector, and more choices for consumers of those services. Furthermore, the Internet has made the number and nature of those offerings more visible and accessible, and as a result consumers have become more savvy, and more demanding. These changes, as much philosophical as practical, have also led not-for-profit companies to provide more of their services through ‘contracted’ programs—that is, programs with far more stringent terms, in an attempt to reduce costs and alleviate fiscal deficits. Even more importantly, there has been a major philosophical shift away from contracts that pay for services rendered, and toward contracts that pay based on achieved goals, outcomes, or measurable impact. If, for example, your agency was once paid to provide job training skills, it is now more likely to be paid based on how many clients in your program actually secure employment. Thus, the need to achieve measurable objectives—whether those objectives are commercial or social—is now as much a requirement for not-for-profit as it has long been for for-profit organizations. This, in turn, has exponentially increased not only the day-to-day risks of not-for-profits, but in some cases threatened their very survival. As a result, senior management of not-for- profits is faced with a somewhat new and daunting challenge—i.e., the need to create an infrastructure capable of synthesizing vast amounts of information, connecting the dots across a myriad of programs, and simultaneously integrating business strategy, goals, and risk management. The failure to do so—at least historically—was usually due to a pervasive fear- based approach that was primarily backward- looking, and focused on flat financial metrics and ratios. As a result, hidden risks were often left uncovered, problems that kept organizations from achieving their goals were not anticipated, and risk mitigation strategies, if any, were ineffective. Risk management, in fact, whether adapted to for-profit or not-for-profit enterprises, requires a forward looking approach—one that is integrated with business strategies and goals to achieve measurable results in a continually changing environment. Therefore, the new risk paradigm for not-for- profits forces management to consider two separate aspects of risk management—the first strategic, and the second organizational. Succeeding in the former requires thinking about risks throughout the organization. Succeeding in the latter entails the creation of a risk-centric culture, both empowering management and employees to effectively deal with risk, and demanding that they execute enterprise-wide initiatives related to those risks. Turning first to Strategic Risks, management must begin with a short inquiry into the most fundamental aspects of the not-for-profit business model.
  • 3. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 3 1. Do we fully understand our risk exposures? 2. Are our risk exposures appropriate to our objectives, our appetite for risk, our resource levels, and our desire for long-term sustainability? F irst and foremost, senior managers must ensure that all risks facing the enterprise have been properly identified and measured. This process should start at the business unit level, where program managers intimately familiar with their individual landscapes can adopt an appropriate risk management framework, and establish an ongoing risk-based dialog with the senior management. Together they can then discuss current and emerging risks in detail, establish risk limits, and put specific action triggers into place. The next critical step is a holistic enterprise-wide view of risk—one that transcends individual business segments and/or programs—established at the senior executive and board level. Once defined, the strategic implications of each type of risk must be contrasted with resource adequacy and availability, leading to a clear understanding of how each risk can and ought to be managed. I n addition to proper risk identification and measurement, strategic deliberations by senior management must establish an explicit link between risk, resources, and strategy. To avoid surprises and ensure that a not-for-profit does not respond to pressures through Given the complexity of the modern world— again, in both the private and public sectors— senior management must also regularly devote time to discussing the so-called unknown unknowns — that is, events and risks beyond the scope of traditional discovery processes and systems, in addition to business-as-usual risks. For example, an acknowledged but unknowable unknown in a not-for-profit might involve apolitical or philosophical change in the way state and local governments view their funding, emerging business models, or changes in the competitive environment (including for-profit service providers). Another unknown unknown might concern the not-for-profit’s long-term sustainability. Finally, questions pertaining to clarity of purpose, strategic responsiveness, and engagement of key stakeholders should also be regularly discussed so that unknown unknowns show up at the table. blind risk and leverage, the organization’s risk appetite must be fully aligned with funding and service targets, and vice versa. In other words, senior management must fully understand and approve the amount of risk required to achieve the organization’s stated objectives and goals.
  • 4. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 4 3. Is our organization adequately dynamic from the viewpoint of risk management? 4. How do risk and uncertainty factor into our strategic decisions? T he lack of organizational dynamism—i.e., a company’s ability to detect coming crises and environmental changes, understand their potential impact, and develop the agility to react in a timely fashion—was a common feature of for-profit companies that failed during the recent financial crisis, and not-for-profit companies whose traditional approach no longer worked in the post-crisis environment. Senior management can and should play an important role in ensuring that a company is well-prepared to withstand volatility, crises, T he recent financial crisis revealed profound disconnections between executive decision-making and risk management. Nor were not-for-profits immune to this way of thinking, since they generally thought of risk management from a largely defensive perspective. Furthermore, because not-for-profits have not traditionally been associated with corporate agility, they have tended not to develop the sort of resiliency on which commercial ventures depend. For that reason, strategic decisions—again, in the public as well as the private sectors—have often been focused on business and customer strategies, new product development, and disruptive technologies, and other changes in the market, and in its competitors. An integrated risk management framework, early warning systems, and comprehensive contingency plans must be continually reviewed by Senior Management and the Board of Directors, and included in all strategic discussions. Finally, questions pertaining to clarity of purpose, strategic responsiveness, and engagement of key stakeholders should also be regularly discussed so that unknown unknowns show up at the table. pursuit of market share, with risk management remaining an afterthought—that is, a sort of police function used to check on safety and soundness only after strategic and investment decisions had already been made. To remedy this after-the-fact approach, the role of risk in a not- for-profit’s business model must be continually reevaluated by senior management, thus making risk management an input into strategic decisions and governance. Continually asking fundamental questions in rigorous yet practical ways vastly improves the effectiveness of senior management, helping them steer their not-for-profits through the ever more difficult conditions of the modern global environment.
  • 5. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 5 1. Do we have an integrated firm-wide risk management process? 2. Are professionals at all levels empowered to manage risk? E ffective risk management is achieved through comprehensive risk reporting, governance policies and limits, escalation procedures, action triggers, and dynamic and integrated firm-wide processes. As a pre-requisite to all of the above, the not-for-profit must possess an analytical system capable of properly identifying, measuring, and aggregating all risks across the enterprise. Equally important, an appropriate ‘risk mindset’ must be adopted throughout the organization. Furthermore, once that mindset is in place, risk exposures and the risk analysis of key business initiatives must be routinely discussed. Senior Management must also ensure that relevant risk measures are among the key metrics monitored by program managers on a daily basis. Lastly, senior management must ensure that risk issues are handled proactively, and communications across program units F or the risk management of a large, complex not-for-profit to be effective, it must be built not only into every part of the decision- making process, but also every into control mechanism throughout the organization. Toward that end common risk management language must be established throughout the organization, are open and effective. In this regard, red flags to be watched and immediately addressed include 1) excuses that specific risks do not lend themselves to quantitative measurement, 2) that certain risks are the “nature of the business” and therefore should not be monitored or managed, and 3) that phrases like “don’t worry,” “this is a low probability event,” or “local managers have it all under control” are stricken from the organization’s vocabulary. Instituting a rigorous firm-wide risk process also ensures that directors do not start questioning senior managers about risks that the corporation has undertaken only after it is too late. The White House situation room, to give but one example, employs a ‘tripwire system’ that monitors pre-determined events to ensure that strategists continually reassess the changing environment. along with clearly delegated responsibilities for managing risk at all levels. Finally, leadership and risk management structures must be correctly aligned with the not-for-profit’s business model, and the right balance established between competing priorities and constituencies. Organizational Risk Management by senior leadership is equally critical, since it is no longer enough to assume that risk is being properly measured and managed as strategies are set, and certain results are sought. For those reasons successful organizational risk management entails its own set of important questions.
  • 6. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 6 3. Does the Not-for-Profit have an appropriate risk management culture? A ccording to Jim Collins, the author of Built to Last and Good to Great, “companies that survive periods of great tumult and duress have an incredible fabric of values.” Given that it is precisely these values that help successful companies fulfill their missions and strategic visions—and in so doing create lasting value—senior managers must be committed to the creation of an effective risk culture. There are specific signs that a not-for- profit is on the right track in this regard, and that risk management has become part and parcel of a not-for-profit’s DNA and immune system. First, the board assumes the ultimate responsibility for risk oversight responsibility. Second, the board declares its ethical stance. And third, the board, establishes clear measures of success, using well understood metrics for risk appetite, and risk limits. Toward those ends, the board also delegates responsibility to the appropriate authorities for risk management across the enterprise. Risk training and awareness programs are also in place throughout the organization, with senior line managers and risk professionals responsible for formal post-mortems of major mistakes. Senior management also ensures that management incentives encourage responsible and value- added risk taking, and emphasize the importance of embedded risk management processes in the organization’s decision-making and communications. Rewards must also be consistent with desirable behaviors, and employees must know what is expected and what will not be tolerated. With such a risk culture in place, silos will be broken down, open communication will be encouraged, and risk successes will be publicized and imitated. And when this happens, employees will make better decisions, keep their not-for- profit out of harm’s way, and reduce potential legal liabilities and reputational risks.
  • 7. NEWRISK PARADIGM FOR NOT-FOR- PROFITANIZATIONS NOT-FOR- PROFIT ONS THENEWRISKPARADIGMFORNOT-FOR-PROFIT The Power of Possible 7 Conclusion R isk management is the most efficient framework for critical strategic and investment decisions, not merely a policing function. Therefore, the new risk paradigm for not-for-profit governance presents visionary senior managers with a unique opportunity. In normal economic environments, strategic management of risk leads to lasting social value creation. During crises, it limits losses and ensures survival. Along with that opportunity, however, comes the need for unrelenting hard work, constant vigilance, and inspired, enthusiastic leadership. This article, specifically adapted for not-for-profits, is based on an article by Martin and Tillman published in Chief Executive Magazine in 2011. Christine McMahon is President and CEO of Fedcap Rehabilitation Services, Inc., a national nonprofit committed to creating opportunities for people with barriers to economic well-being, is a highly regarded national presenter on nonprofit leadership, and is a member of the U.S. Secretary of Labor’s Advisory Committee for Individuals with Disabilities. David X Martin is a former Chief Risk Officer, as well as Founding Chair of the Investment Company Institute’s Risk Committee. He is an Adjunct Professor, Author, Special Counselor to the Center for Financial Stability, and currently consults for a number of financial institutions, and provides expert witness testimony. Put another way, risk management must be transformed into a cornerstone of effective strategic decision-making and corporate governance in not-for-profits—a critical element of the organization’s foundation that fully supports operations, organizational structures, and corporate culture. Of course there is another solution, as W. Edward Deming famously noted: “It is not necessary to change. Survival is not mandatory.” It is up to senior management of not-for-profits to make that decision.