News | 6 Apr 2017
It has been quite a start to the year in South Africa and globally. Very little seems certain and financial markets are responding with volatility. This is an anxious time for community organisations who must navigate the stormy waters of both funding and programme delivery in an increasingly uncertain world. How can organisations plan for and manage risk in an environment that is ever-changing?
A key oversight responsibility of non profit boards and senior managers is to understand, manage and mitigate against risk to ensure their organisations are sustainable and able to deliver high quality programmes to beneficiaries. The NACOSA Training Institute recently started delivering a new Risk Management training in communities, developed with the Global Fund, to build the capacity of community organisations to plan for risk. The training goes beyond financial risk, focusing also on governance, programme implementation as well as procurement and supply management risk.
A risk is a future adverse or negative outcome. Operational risk includes things like the possibility of reduced programme impact, not achieving targets, reputational damage and/or wastage or misuse of resources due to specific processes or role players not operating as intended.
Assessment of potential risks and developing a plan to mitigate risks helps organisations achieve programme goals and function optimally so that they can effectively manage funding and be resilient when dealing with a changing environment.
There are different types of risk:
A good risk management strategy will ensure that an organisation is able to contribute towards HIV/AIDS disease control and elimination, the achievement of the National Strategic Plan for HIV, TB and STIs, address inequalities in accessing health services, contribute towards the achievement of the global Sustainable Development Goals and can demonstrate its results.
By formally assessing risk, organisations are able to:
Managing risk should be a key priority for any organization but many do not do it well. The reasons organisations fall short include:
The board, management and other personnel in an organisation must be able to manage risk proactively and take shared responsibility for risk management processes. To be effective, risk management in an organisation should follow these principles:
In making decisions about risk, the effect of those decisions on the ultimate goal – to achieve maximum impact on HIV and TB in South Africa, for example – needs to be carefully balanced. The net effect of each decision to manage risk on that impact must be positive. The benefits should outweigh the costs.
Boards and senior management have a shared responsibility to nurture a risk-aware culture that encourages prudent risk taking within the organisation’s strategy. A strong culture is one in which decisions are made in a disciplined way, taking into account considerations of risk and reward transparently and on an informed basis. This decision-making culture should extend throughout the organisation, from the largest strategic decisions to the most routine day-to-day ones. Effective risk management is a key element of good governance and therefore the board is ultimately responsible.
It is useful for organisations to measure themselves on how well they are currently managing risk before starting the process of building a risk-aware and resilient organisation. With a solid baseline in place, implementing and assessing risk management policies and processes becomes easier.
Find out more by contacting the NACOSA Training Institute >
 The Global Fund. 2014. The Risk Management Policy. The Global Fund Thirty-Second Board Meeting. Montreux, Switzerland, 20-21 November 2014. GF/B32/13. Geneva.