Last week, we covered the types of insurance your nonprofit should consider. But how exactly do you choose what types of policies you will need for your organization? Doing a careful risk assessment is a good starting place.
What is a risk assessment? Ready.gov provides a simple definition: “A risk assessment is a process to identify potential hazards and analyze what could happen if a hazard occurs.”
A risk assessment contains multiple stages of identifying and prioritizing risk. Nonprofit leaders are responsible for recognizing vulnerabilities and monitoring any risk that could affect their organization.
There are many ways to accomplish a risk assessment based on the size of your organization. For smaller nonprofits, the best way to save money is for internal leadership teams—such as volunteers, boards, or staff—to conduct the assessment. Larger organizations might hire a risk professional or even employ one in-house.
BoardEffect provides a simple risk assessment template that any small nonprofit could use as a practical guide. Essential steps include:
- Identify risks in categories such as governance, external, financial, or operational.
- Analyze risks and score each for likelihood and impact.
- Prioritize and determine how much risk your organization is willing to accept.
- Determine which risks are acceptable and decide what you will need to take action on.
- Ensure that risk controls are in place.
- Monitor and review identified risks and update controls as needed.
Once your organization has recognized and prioritized risks you’ll have a much simpler experience selecting the types and amounts of insurance appropriate for your organization.