Risk Roles in a Nonprofit 

By Whitney Claire Thomey

Evolution of risk management programs happens in many ways. However, expansion usually involves infusing risk awareness into decision-making and routine activities. Doing so often requires the thoughtful consideration of how new risk-related activities will be dispersed among the team. During the past year, we’ve been asked by several organizations to weigh in and support the design of new risk roles, the revamping of existing roles, and the recruitment of risk leaders.

Recently, the NRMC team has assisted clients by supporting and leading several processes that ultimately placed a brand-new Director of Risk Management or Director of ERM. Through this work, we’ve realized that a deliberate approach to recruitment, screening, and onboarding is invaluable. Such a process has the potential to transform risk functions and capabilities with the arrival of a new risk leader.

If you’re considering adding a dedicated position to champion risk management at your nonprofit, it’s possible that you might identify with these statements:

  • In the next year, it’s a goal to strengthen risk management, formalize our frameworks, and build a cadence for completing regular internal risk assessments.
  • We desire to evolve from operational risk management capabilities to Enterprise Risk Management to help us embrace risks to advance our mission.
  • There’s a hope and a desire to add bench strength to our risk program by bringing in a subject matter expert who can inspire risk-aware thinking and risk-taking.

You May Need a Risk Leader If…

While it’s true that a Director of Risk Management can advance and evolve risk functions at your nonprofit, not every organization will need a dedicated position to achieve its risk goals. To better understand if you’re ready to develop this role for your organization, consider these statements:

  • Risk responsibility feels scattered and lacks coordination. Often, staff do not know where to find sage counsel when risks arise.
  • The board is requesting risk reports to help them discharge their risk oversight role. They want to better understand the organization’s top risks. We need to better understand and manage the promising risks we need to take.
  • Multiple leaders are sharing risk management responsibilities. There’s a sense that everyone is overwhelmed and cannot devote the time necessary to truly bake-in risk awareness.

If these statements resonate with you, it’s possible that your organization would benefit from developing a separate position to champion your risk program.

On the other hand, if there’s concern for how to articulate the duties a new risk leader would take on, or your organization is experiencing a power struggle to determine who a Director of Risk Management would report to, now’s not the time to add a new position! Instead, consider gathering a focus group to examine your risk function closely and map out what your mature risk program would look like. From there, ask team members to consider and catalog the types of risk-related activities they perform daily for 3 months. With this detailed data, leaders may find clarity for how a separate position may be able to direct, champion, and evolve the risk program.

Risk Leader Recruitment Tips

After establishing support and buy-in to develop a dedicated risk leader position, there are several steps leading up to the recruitment process and post-hire that can set the stage for success and smooth the transition of centralizing a risk function led by a new position.

  1. Socialize the new position in advance. It’s foundational when teams throughout the organization are in lockstep regarding the expectations for the new risk leader position. One way to achieve this synchronicity is to socialize the draft position across the organization long before you post it and begin recruiting.
  2. Seek collaboration during screening. Identify the team members who will be working closely with, rely on, or report to your risk leader every day. Include this group in the screening process. This inclusive approach can help vet the compatibility of the future team to manage and openly discuss emerging risks.
  3. Ramp up with an onboarding plan. For new risk roles, consider drafting a six-month onboarding plan that describes, month-by-month, the risk leader’s top priority, key tasks, and expected outcomes of their work. Recently, the NRMC team helped a consulting client create such a plan. After it was finalized, we saw a new sense of urgency about filling the new Director of ERM role and generated excitement over the arrival of the new leader.
  4. Reach out for help! Recruiting the right risk leader can be a daunting task. We are available to support or lead a recruitment effort. Our team can work with you to draft and tweak a position description, create an onboarding plan, screen incoming applications, design and lead interviews, check references, and more. During these engagements, NRMC is available at each step to offer our inside perspective and insights on finding the right risk leader to fit your unique mission.We can also assist by making sure your job posting is seen by professionals in the sector. We will post your risk role announcement on org and in this RISK eNews or our members-only publication, The Risk Insider. There’s no cost for the posting; however, your organization must be an active Affiliate Member, and the role must be risk-related!

Deciding to create a risk leader role has less to do with the size of your organization, the complexity of your risk program, or the collection of risks facing your organization. Instead, it has more to do with the importance of taking risks to advance your mission and recognition of the potential value of having a subject matter expert on hand. Through thoughtful planning and execution of a deliberate development, recruitment, and onboarding process, the addition of a new risk leader becomes a worthy adventure to fortify your mission.