1. Home
  2. The Code
  3. Principle 3
  4. Regularly identifying and reviewing the major risks to which the organisation is exposed including systems to manage those risks

Principle 3

Regularly identifying and reviewing the major risks to which the organisation is exposed including systems to manage those risks

Risk Management

Effective boards will identify and review the major risks to which the organisation is exposed and put in place systems to manage those risks.

Management committees are responsible for safeguarding the organisation, its assets and third parties, including staff volunteers and beneficiaries.  This requires being aware, not only of the current activities and circumstances of the organisation, but also being mindful of what could happen in the future in order to minimise any potential negative impact on the organisation. Assessing and managing these risks is key for any management committee wishing to demonstrate effective management and accountability.  For charities, under ‘Accounting and Reporting by Charities – Statement of Recommended Practice’ (SORP), trustees are required to make a statement confirming that “the major risks to which the charity is exposed, as identified by the trustees, have been reviewed and systems have been established to manage those risks”.

A management committee should be in a position to state that they are:

  • aware of the major risks faced by the organisation
  • taking all reasonable steps to reduce the likelihood and/or impact of these risks
  • satisfied that the remaining level of risk to the organisation is acceptable

By doing so, they are demonstrating to funders, supporters and other stakeholders that they are taking a responsible, considered approach to managing the organisation and its assets.  It should also be reassuring to management committee members themselves as they are able to identify developments that could threaten their ability to perform their role effectively or could expose them to liabilities.

What is risk?

Risk describes the uncertainty surrounding events and their outcomes that may have a significant effect, either positive or negative, on:

  • operational performance
  • achievement of aims and objectives and
  • meeting expectations of stakeholders

No activity is risk free.  Every action we take, from crossing the road to trying something for the first time, is a calculated risk.  Even with good planning it may be impossible to eliminate the risks from any activity.  However if something does go wrong, the existence of an effective risk management strategy should help to lessen the impact.  There is information on this site about conducting a risk assessment and templates for risk assessment (smaller groups and larger groups) are also available.

Download:  Worksheet: Identifying Risk Step 1
Download:  Worksheet:  Rating Risk Step 2
Download:  Worksheet:  Managing Risks Step 3

For more information on risk management, see:

For more information on business continuity, see Endsleigh Insurance’s post on business continuity plan.