Restructuring Risk Roles

By Erin Gloeckner

Throughout the sector, more and more nonprofits are formally assigning risk management responsibility to an individual or team focused on risk, usually with risk or related words in their job titles. Many NRMC clients succeed by assigning an existing team to wear the risk hat and champion risk management initiatives, without recognizing risk responsibilities formally in job titles or job descriptions. But a growing number of NRMC clients are expanding formal risk management teams with roles such as Risk Manager, Director of Enterprise Risk Management, Risk & Ethics Coordinator, and Chief Risk Officer. What do these roles entail? Should roles like these exist at your organization?

The Need for Risk Roles

The NRMC team typically sees risk-focused roles and teams in large, complex, or high-profile nonprofits. Otherwise, organizations tend to empower one or more Risk Champions—individuals who promote risk-aware thinking amongst their peers, even though these champions are not completely focused on risk or assigned risk-related job titles. Risk Champions range from specific executives such as Executive Directors, CFOs, or General Counsel, to frontline staff members committed to exploring the risks facing their organizations.

If a risk-specific role is beyond your nonprofit’s budget or needs, consider establishing a multidisciplinary risk committee or as-needed task force. Ultimately, risk management responsibility/capability is most effective when it is shared and applied by a team, and when the team in turn promotes risk-aware thinking organization-wide.

Before establishing a risk management team, identify the high-level results you want your risk management efforts to produce. For example:

  • Inspiring confidence on the part of the Board, executive leadership, staff, and other stakeholders that the organization’s commitments to stewardship and safety are sincere, substantial, and lasting
  • Positioning the organization to seize opportunities for growth and mission advancement
  • Reducing or eliminating preventable risks, such as hazards, injuries, and the loss of financial and other assets

For more inspiration, explore ways NRMC clients have shared risk responsibility across their organizations.

What Do Risk Management Roles Entail?

Consider these duties as possible shared responsibilities for a risk team:

  • Collaborates with other teams and departments in order to identify, understand and address risks
  • Establishes, leads and staffs cross-functional teams and task forces formed to explore and address risk issues
  • Collaborates with and supports the executive team to ensure timely and effective responses to crisis events and emergencies
  • Keeps apprised of developments in the fields of risk and insurance to support the evolution of risk management practice across the organization
  • Fosters a culture of safety, stewardship, and risk-awareness
  • Explores and champions ways to improve policies and processes that fall within the risk team’s scope of responsibility
  • Designs and conducts post-mortems for near-misses and critical incidents
  • Develops and implements risk management tools, policies and practices
  • Identifies ways to demonstrate the efficacy of the risk function, and how risk management ties to mission-advancement
  • Develops and delivers staff training on topics that fall under the team’s scope of responsibility

If you need a partner to help you establish or revamp internal risk-focused roles, contact NRMC for help with:

  • Hiring a risk management professional to lead your risk efforts or risk team
  • Providing interim risk management leadership while assisting with the search, hiring, and onboarding process for your incoming risk leader(s)
  • Developing appropriate position descriptions for new risk roles
  • Restructuring your existing risk function or clarifying existing roles
  • Adopting an appropriate divide between staff-led and board-led risk management efforts
  • Coaching risk management leaders—whether formally appointed or not!—on specific risk issues or risk leadership capabilities

We welcome your inquiries at 703.777.3504 or

Risk Leadership Resources:

Erin Gloeckner is the former Director of Consulting Services at the Nonprofit Risk Management Center. NRMC welcomes your insights to risk leadership and risk teams at or 703.777.3504.