Risk Management Plans – BONUS


What It Is

An organization’s risk management plan outlines the potential risks it faces, as well as methods for minimizing or eliminating those risks.[1] The risks and corresponding remedies vary depending on the organization, with examples including financial risks and safety risks.


Why It Matters

A risk management plan can help your organization identify and address liabilities, promote safe and effective practices, and secure employees’ commitment to improvement.[2]

Risk management that incorporates sustainability factors is increasingly becoming a requirement to do business today. “Embracing sustainability is fundamental to managing a company’s risk profile and is essentially good business practice.”[3]


Getting Started

  • Step One: Gather data.
  • Step Two: Identify potential risks.


Step One

“Risk management begins with data management. Integrating the fragmented data -from growth, acquisitions, and outgrown models – can lead to a more effective risk management strategy.[4] To that end, a business leader needs data from various areas in his/her organization, including:

    • human resources
    • budgeting
    • development
    • administration


Step Two

After getting the data together, supervisors and employees can begin identifying organizational risks. Common organizational risks include:

    • employee turnover
    • poor communication
    • safety hazards
    • environmental vulnerabilities
    • economic factors


To help identify and organize potential risks, Businessballs, a free organizational development resource, offers project management templates, including a risk analysis template. You will find the template on page 8 of this PDF.


Going Further

After identifying risks, the next step is to decide how best to mitigate them. Employees can help devise ways to curtail risk, drawing from their departments of expertise to develop a plan of action to reduce risk factors. In some cases, if a deeper dive is desired, a manager may wish to hire a risk management consultant from outside the company.

For a fee, project managers can use software programs to help them manage potential risks. The Nonprofit Risk Management Center has created a program to guide organizations through the risk management planning process. SAS also offers RMP software.


Best Practices

Although best risk management practices vary depending on the organization, the CDC has identified eight best practices, which can be applied to any organization:

    • identify early
    • identify continuously
    • analyze
    • reprioritize
    • define and plan
    • communicate
    • update
    • educate


Case Study

The London School of Business and Finance provides a series of short videos, which illustrate the importance of risk management planning. The videos discuss Skytrain, a now-defunct airline that suffered from poor risk management:

Introduction to Risk Management by LSBF Global MPA



Creating a written plan for risk management maximizes an organization’s chances of weathering storms and positioning itself for long-term success.


Resources for More Information

Arup, Resilience, Security and Risk


Center for Disease Control (CDC), Emergency Response Resources

Environmental Protection Agency (EPA), Risk Management Plan Rule

ISO Review, Organizational Risk Management and the Procurement Department

Nonprofit Risk Management Center

SAS, Risk Management Knowledge Exchange

Fundamentals of Risk Management by Paul Hopkin

Strategic Risk Taking: A Framework for Risk Management by Aswath Damodaran


Glossary of Related Terms

Business Continuity Plan: A business continuity plan describes how an organization prepares for future incidents that could jeopardize the organization’s core mission and its long-term health. Incidents include local incidents like building fires, regional incidents like earthquakes, or national incidents like pandemic illness.

[1] “What is a Risk Management Plan?” Community Risk Management and Insurance 14, no. 3 (September/October 2005): 1. Available in full at: http://www.nonprofitrisk.org/library/newsletter/0905.pdf

[2] David Singleton, “Sustainability: A Risk Management Perspective,” ARUP, 1. Available in full at: http://www.docstoc.com/docs/22969205/Sustainability-A-risk-management-perspective

[3] “Important Questions About Risk Management,” ECRI Institute, https://www.ecri.org/Clinical_RM_Program/Pages/Important_Questions_About_Risk_Management.aspx, accessed 7 August 2013.

[4] Waynette Tubbs, “Four benefits of data integration for risk management,” The Knowledge Exchange, 10 November 2011, http://www.sas.com/knowledge-exchange/risk/integrated-risk/four-benefits-of-data-integration-for-risk-management/index.html, accessed 7 August 2013.

We educate, motivate, and recognize smaller enterprises for their efforts towards becoming more sustainable. We’re here to offer tangible, practical tips and expertise in sustainability.
Read More About
This entry was posted in Organizational Planning & Documentation and tagged , , , , , , , , . Bookmark the permalink.

Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /homepages/2/d283115547/htdocs/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273