“A company built for resilience is a company that is structured to last forever. This is different from a company built for stability. Stability, by its very definition, is about remaining the same.” – Simon Sinek, The Infinite Game
By Melanie Lockwood Herman
This week’s issue of McKinsey Quarterly features a set of “six key dimensions to help achieve resilience during uncertainty.” While the details of the recommendations most directly fit for-profits, McKinsey’s six areas of focus are relevant and timely for mission-focused nonprofits.
Here’s how we see the six themes relating to nonprofits across a wide spectrum of missions.
Financial: It’s never too late to devote the time and focus your nonprofit’s financial health warrants. No rainy day fund? Start building one without delay. While we can’t tell you exactly how (or when) the cloud of recession will rain down on your organization, we know you’ll be better positioned to continue your most vital programs and services if you have a cushion to lean on during a period of declining or stagnant revenues. But don’t cut costs in the short term that will have expensive consequences down the road. Pulling back on technology investments and professional development can backfire when legacy systems fail and high-performing staff leave.
Operational: For nonprofits, the operational realm means delivering programs and services to individuals and communities. As you reflect on how you retooled and reimagined long-standing service delivery models during COVID, keep in mind that future disruptions might look different. Which of your programs have built-in bounce to recover from a disruptive event? Which programs need shoring up or a new design to infuse them with resilience? Which programs or services should be retired to a ‘hall of fame’ because the demand or support needed to sustain them has dissipated? While it’s always hard to put a beloved program or service ‘out to pasture,’ doing so may be necessary to increase resilience and get ready for what’s next.
Technological: McKinsey’s advice to “Invest in secure infrastructure… and implement IT projects to keep pace with customer needs…” is highly relevant to nonprofits. Data privacy risk looms large in the minds of risk leaders and nonprofit boards. NRMC advises all of our members and clients to do more today than yesterday, and resolve to invest—year over year—in IT systems, security, and breach/intrusion planning. Your mission is too important to face a cyber-attack or data breach unprepared.
Organizational: Every nonprofit is a ‘work in progress’ when it comes to the infrastructure that supports programs and services. Building organizational resilience requires intentional succession planning and cross-training to prevent gaps in key processes and programs when team members step away for any reason. And if you’re using pre-pandemic recruitment strategies and waiting days (or weeks!) to respond to applicants for open positions, your strongest candidates have probably already found another position. New team members? Make sure your onboarding process is mission-worthy and provides plentiful opportunities for ‘quick win’ projects that reinforce the new hire’s wise decision to say “yes” to the job. Find multiple ways to connect their work to the bigger mission and community impact.
Reputational: One of the perennial fears of nonprofit leadership teams is a ‘scandal’ or incident that threatens a reputation built over decades of service to the community. Many leaders believe reputation harm originates outside organizational boundaries. In NRMC’s experience, the opposite is true. An increasingly common source of reputation harm is the belief—by insiders—that the nonprofit is not as ethical, impactful, or sincere as it professes to be. Revisit the results of employee engagement surveys and exit interviews to identify the real risks to reputation. Reflect on the steps you can take this year to sync the reality of working or volunteering at your nonprofit with the promises made in public-facing pronouncements.
Business Model: If your nonprofit’s business model—a snapshot of where financial resources come from and how they are spent—hasn’t changed in a while, it might be time for a refresh. Every nonprofit exists in a dynamic landscape that is constantly changing. Every nonprofit business model needs a periodic tune-up, and from time to time, a complete overhaul. It’s not enough to shorten the span of your multi-year strategic plan, from 10 to five or three years; revisit the assumptions that underly your priority strategies and reflect on whether they are built to flex in response to changing demand or promising new opportunities.
At NRMC, we believe building resilience must be top-of-mind for nonprofit risk professionals. Conversations about ‘what if’ events and circumstances should include how you are investing in back-up plans, contingency strategies, and adapting based on new insights and experience. Your mission is far too important to simply hope you won’t be caught in a future storm.
Resilience Resources for Nonprofits
The NRMC team is laser-focused on creating practical educational pieces and resources to inspire and equip risk leaders to infuse greater resilience into nonprofit missions. Here is a short list of recent materials:
Risk Management Essentials – The Economic Risk Issue
“How to Build Your Nonprofit’s Resilience”
Infographic: Ready to Respond: Building Resilience for a Cybersecurity Incident
“Focus on Residual Resilience, Not Residual Risks”
Infographic: The Resilience Mindset: 7 Musts if Your Mission Matters”
“Risk and Resilience: The Board’s Role”
Infographic: Resilience Reads for Risk Champions