Risk Management and Financial Sustainability

This chapter introduces the theories and practices of integrated risk management in relation to its contributions to the financial sustainability of a nonprofit organization. Topics will include, but are not limited to, analytical frameworks for risk assessment and risk-management plans.


A risk is the potential for negative, unwanted, or unpredictable consequences from an event, an activity, or a decision. A risk is some exposure to a situation that can produce a loss in comparison to a possible gain in the absence of the risk factor. From the definition, it is clear that risk exists in almost every human activity, because there is always the possibility of a negative, unwanted, or unpredictable return even with the most accurate planning. Risk exists in the practices of both for-profit and nonprofit organizations. When stockholders invest their money in a business, there is a risk that they can lose their investment. When a nonprofit organization holds a community event to help some people in need, there is a risk that one of the participants might slip and fall, and sue that nonprofit organization that was trying to help with limited resources. This is just one example. Risk in nonprofit organizations can be associated with board members and volunteers, staff, programs and events, services offered, operations, technology, and financial management. Nobody can control the risks that result from an event or an activity. However, a risk can be managed.


Risk management involves making and carrying out decisions for the organization that will minimize the effects of risk. It can save money, as well as improve the quality of the organization. There are several types of insurance that can be provided. Some common insurance coverage includes workers compensation, corporate automobile, life insurance, errors and omissions, property and casualty, unemployment, surety bonds, and directors and officers insurance. Overall risk management helps organizations achieve quality services.


Integrated risk management is a comprehensive assessment and management of internal and external risks that challenge a nonprofit organization. Integrated risk management enables nonprofit leaders to ensure that their objectives are met while identifying and managing both internal and external risks across the entire organization. By conducting risk assessment for both their internal and external environments, nonprofit organizations can link all of the related risks to the organization's key initiatives. Consequently, this can better and more efficiently mitigate the impact of risk in various contexts. Risk management is very important to nonprofit organizations, because it helps protect them from risks that can lead to dysfunction, ineffectiveness, or even dissolution. Nonprofit organizations' successes depend in large part on their ability to be creative, to design alternative programs or projects that may not meet all the requirements or standards that would be necessary in a for-profit business. Some of the new initiatives of a nonprofit organization may be untested. Therefore, it is difficult to anticipate with a fair level of certainty how it will turn out. In other words, that opportunity to be creative also carries certain risks. Sometimes, the greater the anticipated impact of a new or untested program, the greater the risks will be. The solution is not to stop being creative or taking risks. The solution is to continue to be cautiously creative and find ways to balance such creativity with a significant return, which can neutralize the effects of potential risks. The challenge for nonprofit organizations is the way results are measured in comparison to for-profit businesses. In business, the bottom line is the amount or rate of profit generated. Any initiatives that can generate a profit tend to be welcomed in business, except in special circumstances. It is not the same for nonprofit organizations. The bottom line is a cause, a need to be addressed. Nonprofit organizations address various social issues related to education, social justice, health, arts, the quality of life of individuals, and their overall well-being; such returns cannot be measured in monetary terms, for a short-term project.

Integrated risk management is a systematic approach that requires nonprofit organizations to measure the mission-related impact of their activities and also consider the implications of such impacts in various contexts. As indicated in previous chapters, the board of directors and staff of nonprofit organizations are supposed to work on behalf of the public, because they are publicly supported organizations. Leaders and managers of nonprofit organizations must be good stewards of resources entrusted to them through various types of contributions, awards, or grants. The management and use of these resources carry the potential for risks. The many stories of fraud and corruption in some nonprofit organizations constitute an illustration of the potential for such organizations to lose income or assets through the decisions and actions of leaders and managers. In most cases, leaders and managers have to make their own interpretations regarding what is in the best interest of the public. In this case, there is still a risk that such leaders and managers may not use their best judgment, which should be rooted in the interests of all internal and external stakeholders.

Some nonprofit leaders may be more inclined to take risks than others. The hope is that their risk preference is influenced by the vision and mission of their organizations. Obviously, there is always the possibility that nonprofit leaders will, in fact, reach out to their constituents before they make consequential decisions. However, there have been countless cases in which nonprofit leaders completely dismissed the interests of their constituents to satisfy the requests of partners who want to further their own community agendas. It is not surprising that many nonprofit leaders make decisions that are very costly for the vision and the mission of the organizations they are leading. Sometimes, they get away with it internally, and the clients pay the consequences without knowing it. Other times, the problem spills over and plays out in public. This happens mostly when the results have negative consequences for the majority of internal and external stakeholders.

< Prev   CONTENTS   Next >