People today live with more uncertainty than in the past. To some extent, this is because new technology and vehicles of communication, not to mention a more global social, political, and economic environment, have created a new vision of how society functions as a whole. Imbedded in this new world, the not-for-profit plays a significant role in recognizing and overcoming uncertainties, attempting to improve the quality of life, and moving toward sustainability in a more complex world. This is accomplished not only on a global scale, but also community by community.

It is safe to say, without sounding naïve, that not-for-profits strive for the common good, each unique to its individual mission and the community it represents. Community is not just defined by geographic terms, but also by the needs of the community, be they medical, behavioral, economic, religious, educational, or cultural. The modern social, political, and economic environment brings with it, in its diversity and ability to operate within its own framework, a renewed sensitivity and awareness of risk. People and institutions face myriad risks daily and make decisions with such risks in mind. Acknowledging risk in advance can help identify the degree of success or failure of future plans. In the modern world, however, many new risks are constantly developing due to the changing society and marketplace. Faced with all this, what is the responsibility of any not-for-profit to confront its risk environment? What can and should any organization do to mitigate and manage those risks and continue to maintain confidence and sustainability in its mission?

Internal Risk Considerations Broadly speaking, risks can be categorized as either internal or external. Internal risks come from elements within the operations of an organization, including risks involved with running programs to meet its mission and the related administrative, fiscal, and other management efforts to support these programs. Each organization has its own unique structure, key operating elements and personnel, but the following items are always relevant when making internal risk assessments. Program-related risks. All contracts with funders, particularly government sources, should meet the legal and regulatory requirements of such contracts, and all services provided should meet the requirements for those qualified to perform and receive such services. In addition, all other requirements for funder or donor requests and mandates should be adhered to in the application of such funds to the programs identified. All facilities involved in the not-for-profit’s mission must meet local codes of maintenance and related legal ordinances on usage and security of such facilities. Finally, all regulatory requirements pursuant to and consistent with other organizations in the not-for-profit industry should be followed strictly. Administrative, personnel, and support risks. Background checks should be performed on all personnel, not only to prevent potential legal and other undesirable past issues, but also to ensure that all potential personnel have the capability to perform their prospective duties. Appropriate levels of insurance should be in place for all applicable needs, including facilities, personal injury, professional misconduct, directors and officers, and business interruption insurance, as well as all other property and casualty applicable to the not-for-profit’s operations. Of course, all regulations relating to payroll and related employee benefits should be followed to the letter. All board members, volunteers, and other interested parties should be kept up to date on the organization’s activities, particularly during implementation of new programs, onboarding of new management, or other significant changes in operations. Communication with donors and the public should be monitored to ensure timeliness and clarity. Finally, strong measures should be in place to protect all sensitive internal data and operating systems, whether in electronic or hard copy form.