First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

An ounce of preparation

crisisFloods and fires and tragic accidents keep hitting close to home in the West. Ice storms and power outages and horrific weather causing vehicle pile-ups are happening in the East. Any of these terrible events could involve volunteers, staff or service users of a charity or not-for-profit organization. As these incidents play out on national television and newspapers and infiltrate social media, I am reminded that planning for a crisis and responding to a crisis in an organized way is key.

Most organizations are incorporated because they provide services or undertake activities that come with risks. The corporate structure protects the individuals involved, whether they be volunteers or staff, from personal liability. If the corporation is properly operated then this protection will prevail. However, protecting the organization itself from the effects of a crisis takes some planning. Consider the following 5 steps that every organization should take to be aware and be prepared.

1. Identify the risks

Brainstorm about all the activities that the organization undertakes on a daily, monthly, annual or every once in while basis. Identify the worst possible thing that could happen. Use your imagination. You would be surprised at how a group of people thinking about risks can come up with some of the most tragic scenarios. This is a good exercise for all organizations to undertake to see the actual potential risks that they are facing. It will be an eye opener.

2. Manage the risks

Once the potential and most realistic risks for the organization have been identified then there are many ways to manage the risks. Consider the following:

  • Decide not to do the activity at all that might lead to the risk(s). Avoidance is a great strategy.
  • Get advice from a properly accredited insurance broker, knowledgeable in the type of risk(s) you are discussing to insure against the risk(s) in the amount that is appropriate for the potential damage.
  • Carry on with the risk(s) but be mindful of the 3 P’s below for your risk management process:
    1. Policy: Have a policy to deal with the different potential risks. Strike a committee to draft them.
    2. Procedures: Outline procedures to be followed in any crisis. Checklists are great.
    3. Practice: Try the procedures on a regular basis so everyone is aware of how they work. Fire drills are familiar to people.

3. Pick your team

Create a team that is ready to act in the event of any crisis or tragedy that could befall the organization. Make sure that everyone understands their role and that all-important information is easily accessible to all team members in the event of a crisis. Create checklists for all team members to use and ensure that they can follow the checklists. Have ready-made things, such as fact sheets and information about the organization that team members can quickly send out in the event that they need to inform others. Training is key and that is part of the planning. Train all team members on a regular basis as to what they are expected to do. Simulate a crisis scenario.

4. Communications and media

This could be the most important part of your crisis management if you value the reputation of your organization. What you say to the media and what is communicated in social media could be the difference between a managed crisis or one that spirals out of control. Prepare a media information kit about your organization that can be readily sent out in the event of a crisis. Clearly identify and provide training for the front facing team members of the organization and carefully plan and restrict what is said about the organization in the media and social media in the case of a crisis. Make sure that every team member in the organization knows who the designated spokespersons are and the policy for anyone else speaking to the media. As a general practice, maintain good relations with all media, so that in the event of a crisis there will already be a built-in level of awareness and trust.

5. Review and evaluate

On a regular basis review your crisis management policies, procedures, teams and communication plans. Make sure the plans are still workable. If you do go through a crisis and use your crisis management policies, procedures, teams and communication plans, then evaluate what went right and what went wrong and revise as necessary.

There is no need to reinvent the wheel in this crisis management initiative. There are many resources online and common-sense articles, checklists, and manuals about crisis management and all the points discussed above. The key, obviously, is to do it so that when a crisis hits the organization will be ready. When the crisis is upon you it will be too late. As the saying goes, “an ounce of prevention is worth a pound of cure.” However, in the case of an unwanted crisis, where there is no cure, I would just say an ounce of preparation is just simply worth it!

Author: C. Yvonne Chenier, Q.C., Drache Aptowitzer LLP, Calgary, Alberta

Follow me

Drache Aptowitzer LLP

Tax and Charity Lawyers at Drache Aptowitzer LLP
Drache Aptowitzer LLPis one of Canada’s foremost experts in the law related to charities and non-profit organizations. Their team of bloggers is led by Adam Aptowitzer LLB. He is a lawyer practicing in the areas of charity and tax law. He is a member of both the bars of Alberta and Ontario. He has been speaking and writing on the topic of charity law for several years and been published in numerous publications including the Canadian Taxpayer, the Canadian Fundraiser and the Not-for-Profit News and has been cited as an expert in many publications including the National Post.Read more here
Follow me

Latest posts by Drache Aptowitzer LLP (see all)

Send to Kindle

, , , , , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.