1

AH&T Nonprofit’s 13th Annual Risk Management

Seminar

Leslie T. WhiteCPCU, CIC, ARM, CRM

Croydon Consulting, LLC

November 10, 2005

Enterprise Risk

Management

2

Risk Management

A discipline for dealing with the possibility that some future event may cause unexpected results

Dealing with Dealing with uncertainty . . .uncertainty . . .

3

Principles of Enterprise Risk Management

Every entity exists to provide value to stakeholders

All entities face uncertainty which presents both risk & opportunity with potential to erode, preserve or enhance value

ERM enables management to deal with uncertainty, associated risk & opportunity, enhancing its capacity to build value

4

Purpose of Enterprise Risk Management

To provide value to stakeholders

To help nonprofits get to where they want to go

To avoid pitfalls & surprises

To enhance value, achieve the mission

5

Dealing with uncertainty . . .

Pre-loss exercise that reflects organization’s post-loss goals and reflective of the organization’s culture

To identify potential events that if they occur would affect the organization

Events can have negative, positive or both impact

To manage risks within your risk appetite

6

Dealing with uncertainty . . .

Determine how much uncertainty (risk and opportunity) you are prepared to accept as strive to grow value, achieve mission

Risk management enable management to effectively deal with uncertainty and associated risk and opportunity

Helps management achieve performance targets and prevent loss of resources

7

Innovation requires risk taking. Taking risks requires informed, fact-based decision making.

Why Risk Management?

8

Risk Management Roles

Board • Define expectations• Set strategy & high level

objectives• Resource allocation • Adopt risk management policy

Senior Management• Responsible for all activities• Sets the tone & influences of

the internal environment (principles, values)

• Develop risk management philosophy, appetite & culture

9

Risk Management Roles

Risk Management Committee • Propose risk management

policy & philosophy• Establish risk management

goals • Develop & implement a risk

management program• Help managers incorporate risk

management into operations• Convert risk management

strategies into operations• Present annual report to Board

10

Risk Management Program Development

Plan

Establish risk management committee Create action plan Establish risk management goals Adopt risk management policy Evaluate risk attitudes (tolerance &

appetite) for areas of risk

11

Risk Management Program Development

Plan

Follow steps of risk management process• Identify & analyze risks (risk assessment)• Evaluate & prioritize• Select & implement strategies and

techniques• Monitor & revise

Annual report to board

12

Risk Management Attitudes

Level of risk tolerance & risk appetite

Level of commitment to risk management

Risk management strengths & weaknesses

Available resources – people, time & money

13

Risk Management Basics

A state of mind Involve people at all

levels Provide instruction,

training and equipment Develop and follow

procedures Encourage input

14

The first standard that should be in effect for any organization is the safety

of its constituents.

Goal of Risk Management

15

Risk Management Cycle

Identify risks

Evaluate & prioritize risks

Select risk management techniques

Implement techniques

Monitor & improve the program

16

Risk Management Process

1. Acknowledge and identify risks

“What could go wrong?”

•People•Property•Income•Goodwill

Nonprofit Assets Dimensions of Risk•Operational•Legal•Political•Financial & market

17

Risk Management Process

2. Evaluate and prioritize risks

Frequency Severity

Risk Analysis

18

Risk Management Process

3. Select and implement risk management techniques

AvoidanceModificationRetentionTransfer

“What will we do?”

19

Risk Management Process

4. Monitor and update the program

•Compare actual to expected results

•Any new programs, activities or risks?

•Changes in mission or strategy?

20

Cost of Risk

Retained losses Insurance premiums or payments

to outside sources for funds Costs of measures to prevent or

reduce losses Administrative costs for risk

management

21

Croydon Consulting, Croydon Consulting, LLCLLC

Leslie T. White, CPCU, CIC, ARM, CRM

P. O. Box 1414

Severna Park, MD 21146-8414

410-544-0913 Fax 410-544-9913

Email: Lwhite@croydonconsult.com

www.croydonconsult.com