November 6, 2009
Managing Risk in an Improbable World
By Carlye Christianson and Melanie Lockwood Herman
In his fascinating book, Struck by Lightning: The Curious World of Probabilities, University of Toronto professor Jeffrey S. Rosenthal explores the
science of probabilities. Rosenthal’s text offers a compelling argument for thoughtful risk management while reminding readers to accept the ever-present companion of “randomness.” According to Rosenthal,
randomness is often neither good nor bad, just confusing. Many aspects of our lives are governed by events not completely within our control and uncertainty is here to stay. Our “take” on this is that nonprofit leaders have two options when it comes to uncertainty: #1. We can let uncertainty get the better of us and our organizations, or #2. We can learn to understand and perhaps appreciate randomness and act accordingly.
The clear choice is Door #2. Rosenthal writes, “While no one can predict uncertain events with certainty, we can at least understand the uncertainty itself… By thinking logically about the likelihood of various outcomes, we can better make decisions and understand our lives more deeply. We can better cope with the uncertainties we face and perhaps even learn to enjoy them.” That sounds like a wonderful antidote to the paralyzing, toxic fear that many leaders exhibit when they reach out to the Center for mid- or post-crisis risk management advice!
Nonprofit leaders committed to coping with and even embracing uncertainty must, however commit to estimating the probability of various outcomes and making adjustments in those estimates on an ongoing basis. Our predictions about the future should (and will!) change as the future unfolds and we need to be flexible in adjusting our policies, procedures, staff training protocols and management oversight to reflect insights from experience (including losses) and the availability of data which confirms or discredits our worst fears. Over the course of years or decades, few if any risk management strategies will remain relevant (without adjustment) in a dynamic organization. We should be eager to update policies to make certain they suit the organization rather than clinging to time-worn policies and procedures.
In the five-part “risk management process” outlined in our new text, Ready… or Not: A Risk Management Guide for Nonprofit Executives, the final step in the risk management loop is “monitoring and updating the risk management program.” This step often receives minimal attention—the leaders of a risk management effort are often eager to “finish” the task and move on. But the risks that threaten our missions and mission fulfillment warrant ongoing review and attention. In many cases the strategies or policies initially selected must be modified to address changing circumstances or new resource constraints. In some cases more thoughtful risk communication (addressed in Chapter 7 of
Ready… or Not) is necessary to bring a risk management strategy to life in a nonprofit. Keep in mind that your audience wants to know more than “what” when it comes to a new policy or risk management protocol; they want to know “why” the policy was developed, who it is intended to protect, and “why” their support and participation are essential.
As we near the end of another calendar year, it is a fitting time to reflect on the changes in your nonprofit’s risk profile and the probabilities assigned to downside risks. What, if any, downside risks that were of grave concern a year ago materialized during 2009? What downside risks were avoided due to prudent planning and swift intervention? What risks emerged that you did not expect at the end of 2008? What changes in operations or strategy have created new areas of exposure for your organization? What partnerships or collaborations have been formed or abandoned?
As you look ahead to the approaching New Year, we invite you to consider:
- What changes in risk management strategies or policies are needed based on new evidence, trends, or circumstances?
- What risks should your nonprofit take in 2010 to advance its mission?
- What additional information do you need to proceed?
- What is the risk of NOT acting?
Remember that the staff at the Nonprofit Risk Management Center stand ready to assist you in your efforts—whether you are focused on getting a clearer picture of the risks your nonprofit faces today and in the future or committed to evaluating the effectiveness of your current risk management strategies. We are able to provide a third-party review, a candid assessment, and a supportive resource to which you can turn as you examine your risk landscape. You can reach the Center by telephone at (202) 785-3891 or email@example.com.
2009 and 2010 Webinars
The final program in our 2009 series of monthly webinars will take place on
December 2, 2009 at 2 p.m. Eastern. The topic for the program is:
Conducting a Youth Protection Risk Assessment. The program will examine the process of examining risks in a youth-serving agency as well as the design of appropriate risk management strategies for nonprofits serving children and teens. To register, visit: http://nonprofitrisk.org/training/webinars/webinars.shtml.
The Center’s 2010 Webinar Series will begin on January 6, 2010 at
2 p.m. (Eastern) with a dynamic program on nonprofit boards. The title of the first program is:
House of Sand or Foundation of Stone: The Board of Directors/Trustees. During the webinar series kick-off the Center’s executive director will explore best practices and practical risk management strategies in the areas of board composition, board operations, inspiring a culture of candor (“culture of dissent”) and more. For more information on the 2010 series, visit: http://nonprofitrisk.org/training/webinars/webinars2010.asp.
Carlye Christianson is Senior Counsel and Director of Special Projects and Melanie Lockwood Herman is Executive Director of the Nonprofit Risk Management Center. Both staff members welcome your feedback on this article and questions about the Center’s resources at Melanie@nonprofitrisk.org.