How to Build and Fortify a Critical Incident Process

By Rachel Sams

Want employees to buy into your nonprofit’s critical incident reporting program? Use the words “critical incident reporting” sparingly, says Regina Wright, Senior Advisor for Child and Adult Safeguarding at Save the Children US.

When Wright speaks with Save the Children employees, she explains in jargon-free language why incident reporting matters. She strips away language like “mitigation” and “compliance.”

“As long as we’re using [language] that way, we see this as a work-related compliance issue,” Wright says. “We have kind of objectified the group we’re protecting. They’re a group we protect as part of a policy, versus these are people who are going to be impacted by our decisions.”

Incident reporting processes ideally track incidents, accidents, and near-misses. Incident reporting data should also catalyze and inspire nonprofit leaders to improve operations, increase safety, and catch dangerous patterns before an accident or ethical breach occurs.

Nonprofit teams that want to launch or evolve incident reporting must consider a variety of issues, from how to track incidents to how to foster a culture of trust. Not sure where to start on your journey? Here’s a road map.

How To Begin an Incident Reporting Program

Solicit feedback on safety at your organization from staff and community. If your nonprofit works with children, families need a say in how the organization handles issues around safety, Wright says. Without their voices, the process is incomplete. If your nonprofit provides transitional or permanent housing to individuals and families, you should invite residents to share their concerns about safety and incidents.

Nonprofits that want to build or evolve incident reporting should engage the people who deliver services for the organization, says Ann Terlizzi, Senior Director of Risk Management and Quality Improvement at Lutheran Social Service of Minnesota. Their feedback will ensure the system meets the needs of everyone involved and help change behaviors and operations for the better.

Create a way to report incidents. Employees will need a system or method to alert management to an incident or near miss. Organizations can buy and customize off-the-shelf incident reporting software, or build their own systems using Excel or other readily available tools already in use. Start by creating a simple, straightforward form that employees fill out when an incident occurs. Consider the basic information you will need to capture. What happened? Where and when? How many people were injured or exposed to harm? What immediate actions did employees take? Did law enforcement respond? Did media report on the incident? What long-term actions will the organization take to address the incident? Create a decision tree or guideline that routes incidents to parties that need to follow up, like human resources or a safety committee. Keep in mind form length and complexity can dissuade timely reporting. Include only the essentials in your basic incident report format.

Determine how your organization will evaluate an incident’s impact. Terlizzi created a system that measures “consequence value” of incidents at her agency. The system has five components: consequences to people’s safety and emotional well-being, financial consequences, service consequences, property damage or liability consequences, and reputational consequences. Terlizzi gives each incident a score of 0-3 on each criterion. Incident reports can’t be closed until specific issues are addressed, like what the organization did to respond to the issue and how much it cost.

Assign a point person to monitor reports and track progress on their resolution. All organizations should have a single person with ultimate responsibility for incident reports, whether they invested in an online system or built their own. “When everyone’s in charge, no one’s in charge,” says Terlizzi. Train a back-up person, so the system doesn’t falter when the primary responsible staff person enjoys well-deserved time off.

Train your staff on the system. Craft a training program that explains what kinds of incidents should be reported and how to make a report. Terlizzi created an online training session employees review and quickly access when they need to report an incident. The training addresses the struggle employees often feel between the impulse to report an incident and fear of the consequences.

Wright leads small group reflection sessions after incident response trainings. She gives real-life examples of incidents and asks the group to share how incidents might surface in their work. She walks people through the reporting system and explains what happens after a report is made.

Spell out that employees won’t face retribution for reporting in good faith. While that statement is necessary, it might not end the fear, Wright says—and leaders have to make space for that. “You need to create an opportunity for people to say, ‘I’m nervous,’” she says. Leaders must validate employees’ experiences in order to build an environment based on trust, transparency, and person-centered practices. This is key to creating a culture in which people feel empowered to speak up through established reporting channels.

Allowing employees to informally share and discuss incidents during regular team meetings can be a low-pressure way to identify situations in which people might be afraid to report an incident.

Investigate and resolve to explore the root causes of every incident. A root cause analysis “can be very fruitful for people to get a different perspective or just talk it out in a very focused time,” Terlizzi says. “How did we get here? How do we make sure we’re never here again?”

Create a system to look at trends over time and to inform your board. You may want to build a dashboard or presentation to show your board what types of incidents occur most often and what types are increasing and decreasing. Sharing high-level incident reports with the board will be helpful if you need the board’s support and action on new policies or funding. Don’t collect data for its own sake; use what you’re learning to help your nonprofit make changes to decrease the number and severity of future incidents.

The types of reports can tell you something about workplace culture, Wright says. Reports of violations that are mostly made anonymously could indicate a culture of fear. When employees identify themselves and report risks and near misses, not just violations, that could indicate they feel safe to report and empowered to protect.

How To Evolve And Improve Your Program

Once you have an incident reporting program in place, keep in mind that you will need to evaluate it thoughtfully over time. Organizational changes, new management priorities, or changes in the environment could mean a program that seems to work well needs to evolve.

Terlizzi’s impulse to evolve incident reporting at her agency came when she noticed “it was very murky what incidents needed to rise to the level of critical for our teams. I started to observe what types of incidents were coming in and talked with teams about what worked well, what didn’t and where they got stuck about making decisions on whether or not to report.”

Terlizzi says Lutheran Social Service’s incident tracking system helped the organization make a difficult decision about the organization’s ability to serve some potential clients. Lutheran Social Service supports people with intellectual disabilities in residential settings. Using the incident tracking system, officials noticed a trend of repeated critical incidents involving people with high needs—situations that involved calls to law enforcement, property damage, and hospitalizations. Leaders dug deeper and decided to ask more questions in their intake program to better evaluate whether they could provide the necessary supports for people with certain complex diagnoses.

Buy-in for incident reporting from the top matters, too. Terlizzi chose a revamp of Lutheran Social Service’s incident reports system as her “breakthrough goal,” an exercise the members of the executive team at the agency do regularly. Appropriate breakthrough goals have the potential to catalyze positive change in the agency. To inspire the team to be bold, “breakthrough goals” aren’t directly tied to performance reviews. The executive team rallied around Terlizzi’s breakthrough goal on critical incidents. Now that the team can clearly see the consequences of incidents to the agency, executives can focus on incidents with higher consequences, instead of reviewing all incidents.

When organizations review an incident after the fact, “keep the focus on what the harm was or potential harm, as opposed to finger pointing at people. Keep it tied to your mission,” Wright says. Her reports center the perspectives of people who experienced harm or could have been harmed, and their ideas about how to resolve the matter fairly and improve safety.

Any nonprofit that puts incident reporting in place must continually explore how the program can provide more information that helps minimize harm and improve operations. If you begin your incident reporting work by centering community and frontline staff, and revisit that imperative frequently, you’ll be well on your way.

Rachel Sams is a Consultant and Staff Writer at the Nonprofit Risk Management Center. Reach out to her with questions or ideas about critical incident reporting at or 505-456-4045.