Traction, Not Distraction: Sorting the Elements of Your Risk Function
Estimated Reading Time: 4 minutes
By Melanie Lockwood Herman
Executive Director
I’ve recently been reading Indistractable, by Nir Eyal. One concept that resonated was the distinction between traction and distraction. Borrowing from Eyal’s insight that “distractions impede us from making progress towards the life we envisage,” I’ve identified a handful of familiar steps and strategies that inspire traction… and others that spawn distraction in nonprofit risk functions.
Seeking Traction? Do This.
- Avoid ‘jargon monoxide,’ a clever term coined by Kathy Klotz-Guest to describe buzzwords and language that tries to sound smart, but shrouds clarity and inspires skepticism. Over NRMC’s history, we have used perhaps a dozen phrases and sentences to define risk. Last Fall we decided a single word—possibilities—is our favorite definition to date. The simpler we make it to talk about risk, the more willing people will be to participate.
- Create a one-slide visual for your Risk Framework. Choose two or three goals for your framework. Perhaps your framework:
- Explains a few criteria for sorting risks into two lanes: governance (board gets involved) and management (staff teams address risks).
- Outlines a handful of responsibilities for each group, including the responsibility to escalate or delegate risks.
- Shows the connection between risk management and your mission.
- Pause something you are doing in risk management long enough to think hard about it. Eyal cites a 2014 study published in Science whose authors concluded that “People prefer doing to thinking, even if what they are doing is so unpleasant that they would normally pay to avoid it.” Let’s face it, when we design and adopt risk rules, training, and requirements, we expect they will be in place for a long time, saving us the need to go back to the drawing board. Yet that assumption gets us into trouble. A static rule, expectation or instruction may not make sense in a dynamic organization that must respond, adjust and adapt to its equally dynamic risk landscape. A rule that made perfect sense at one time may make no sense today.
- Revisit the goals and meeting formats of your staff risk committee. Identify the accomplishment or impact you’re most proud of. Reflect on how to leverage that impact this year. Identify tasks that wound up being unproductive or led the team down rabbit holes. Imagine how it would feel if participants left every meeting feeling grateful they were present and didn’t miss the conversation.
To Dispense with Distraction, Stop Doing This.
- Wrestling with a risk framework or rulebook that is impossible to explain. Our team appreciates when a client, prospective client, or Affiliate Member shares the materials they use to support their risk management goals. But we’re often dismayed to see needless complexity and hastily borrowed solutions. Stray references to organizations other than the client are a sure sign information was copied and pasted from elsewhere.
- Conflating compliance and risk management. I was delighted when a client asked me to describe the difference between compliance and risk management during an engagement kick-off meeting. The compliance obligations of a nonprofit can be onerous, disconcerting, and vague. Regardless, two steps are key: understanding and action. Compliance refers to the things we are expected, obligated, and bound to do. Risk management is decidedly different. In the words of the wise, former NRMC board member Felix Kloman, “Risk management is a discipline for dealing with uncertainty.” Strategies to cope with uncertainty are chosen, not pre-ordained. It’s what makes the discipline so interesting to our team.
- Trying to bury the “elephant risk” in a colossal risk register. As we discussed in Manage Risk With Intention This Year, nonprofit leaders sometimes avoid talking about the most worrisome risk—the elephant in the room. How can you hide an outsized risk? When a team’s focus is distracted because it is trying to identify every risk, they won’t have the time, energy and clarity to unpack and address the most concerning risk.
- Focusing on proximate, instead of root causes. On his website, principles.com, Ray Dalio explains that “Proximate causes are typically the actions (or lack of actions) that lead to problems, so they are described with verbs (I missed the train because I didn’t check the train schedule).Root causes run much deeper and they are typically described with adjectives (I didn’t check the train schedule because I am forgetful). You can only truly solve your problems by removing their root causes, and to do that, you must distinguish the symptoms from the disease.” Proximate causes are the familiar scapegoats in conversations about concerning risks. For example, we imagine that a risk is possible because ‘staff did not follow our rule/process/training’. Yet in too many cases, the root cause of risk is not the usual suspect.
If you focus on small changes that open new pathways, and act boldly to phase out risk approaches that no longer serve you, you will build a strong risk function and readiness to weather passing distractions.
Melanie Lockwood Herman is executive director of the Nonprofit Risk Management Center. Her new book, Possibilities: A Risk Management Guide for Nonprofit Teams is available in ePub and paperback formats. Her new white paper, Manage Risk With Intention This Year is available here. She welcomes your questions and the opportunity to connect—about any possibility—facing your organization at Melanie@nonprofitrisk.org or 703-777-3504.
“One thing I love about the Risk Summit is the opportunity to connect and learn from other risk managers, nonprofit professionals, and NRMC staff. I have attended the Risk Summit multiple years and always look forward to connecting with returning attendees and meeting new people. The Risk Summit brings together a diverse and engaged set of professionals who are ready to learn, share, and connect.”
— Heather Chadwick
“I love the Risk Summit because I always learn something valuable, such as new approaches to the issues I’m grappling with. I always leave the Risk Summit with a notebook full of practical ideas. I also leave with an expanded network of professional acquaintances and a feeling it was the most useful conference I’ve been to in quite a while. I am in awe how such a topic as risk management can be artfully delivered.”
— Paul Doman
“One thing I love about the Risk Summit is the ability to see and feel the passion of nonprofit leaders as they learn and share together.”
— Michael Schraer
“One thing I love about the Risk Summit is connecting and learning from / with really great people.”
— Lisa Prinz
“First let me congratulate you on a conference well done. I had a great time at the Nonprofit Employee Benefits Conference and walked away with some valuable tools and questions that we’ll need to be addressing in both the short and long term. Thanks to you and your staff for all you do to provide us with quality resources in support of our missions.”
— Scott Brown, Mohonk Preserve
“BBYO’s engagement of NRMC to conduct a risk assessment was one of the most valuable processes undertaken over the past five years. Numerous programmatic and procedural changes were recommended and have since been implemented. Additionally, dozens (literally) of insurance coverage gaps were identified that would never have been without the work of NRMC. This assessment led to a broker bidding process that resulted in BBYO’s selection of a new broker that we have been extremely satisfied with. I unconditionally recommend the Center for their consultative services.
— Sidney Abrams, BBYO
“Melanie Herman has provided expert, insightful, timely and well resourced information to our Executive Team and Board of Directors. Our corporation recently experienced massive growth through merger and the Board has been working to better integrate their expanded set of roles and responsibilities. Melanie presented at our Annual Board of Director’s Retreat and captured the interest of our Board members. As a result of her excellent presentation the Board has engaged in focused review which is having immediate effects on governance.”
— Pamela Mattel, Basics Promesa Systems Inc
“The Nonprofit Risk Management Center has been an outstanding partner for us. They are attentive to our needs, and work hard to successfully meet our requests for information. Being an Affiliate member gave us access to so many time- and money-saving resources that it easily paid for itself! Nonprofit Risk Management Center is truly a valued partner of The Community Foundation of Elkhart County and we are continuously able to optimize staff time with the support given by their team.”
— Jodi Spataro, Community Foundation of Elkhart County
“The board and staff of the Prince George’s Child Resource Center are extremely pleased with the results of the risk assessment conducted by the Nonprofit Risk Management Center. A thorough scan revealed that while we are a well run organization, we had risks that we never imagined. We are grateful to know that we have now minimized our organizational risks and we recommend the Center to other nonprofits.”
— Marti Worshtil, Prince George’s Child Resource Center
Great American Insurance Group’s Specialty Human Services is committed to protecting those who improve your communities. The NRMC team has committed to delivering dynamic risk management solutions tailored to nonprofit organizations. These organizations have many and varied risk issues, hence the need for specialized coverage and expert knowledge for their protection. We’ve had Melanie speak on several occasions to employees and our agents. She is always on point and delivers such great value. Thank you for the terrific partnership and allowing our nonprofits to focus on their mission!