In preparation for Eva and Nura’s webinar next Thursday the 20th, I present this 2012 article from the Nonprofit Quarterly “Risky Business: Why All Nonprofits Should Periodically Assess Their Risk.”
It’s about periodic risk assessment for nonprofits, from a broad management view point. This article addresses risk assessment for your organization and brand, not just your technology risks. It’s a good philosophical starting point to think about the types of threats out there, your organizational culture, and the budgeting and processes you need for monitoring and avoiding risks.
From the article: “Risks can be broadly conceptualized into two categories: risks an organization should usually seek to avoid (what I will refer to as “threat risks”), and the risk of failure… Threat risks can result in fines, penalties, liabilities or even loss of tax exemption and can be operational, legal, financial, or related to the investments of the organization.” Technology risks – both those enabled by technology, or risks to your technology investments – can be categorized as threat risks, but are only part of the whole picture.
Do join us October 20th from 4-5pm EDT when we discuss our framework for performing IT specific risk assessments, how often you should revisit your analysis, and the next steps to take to lower your IT-related risks.