Categories of Risk

The risks faced by an organisation should be categorised in relation to what the organisation does.  There are a number of commonly used categories which help to group risks according to the various aspects of the organisation and its activities which you need to consider.

Common categories

Further reading

Click here for links to other risk management guidance relevant to voluntary and community organisations.

The following is a list of frequently used categories:

  • Strategic
  • Operational
  • Financial
  • People
  • Regulatory
  • Governance

Strategic

This allows you to look at external risks, which may affect your organisation such as changes in the environment in which you operate.  It also lets you look at setting organisational objectives and ensuring you set the right ones and then meet them.

Operational

This looks at the risks, which arise from the services you deliver or the activities you carry out.

Financial

This covers financial risks facing the organisation in terms of internal systems, planning, funding etc.

People

Review risks associated with both the employment of staff and the involvement of volunteers.

Regulatory

This category looks at the legislative framework within which your organisation operates.

Governance

This category allows you to review the risks, which are part of the management of the organisation.

Adapt to suit

There may be a degree of overlap between some of these categories, they are suggested in order to help ensure that you do not overlook important risks.  Try to put each risk in the category, which is most relevant.  Some organisations may find they can amalgamate some of these categories and some may find they need extra ones.

Quick Reference