WIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL

WIC AGENCIES Peg Jackson, DPA, CPCU

National WIC Association

Learning Agenda – Week 2

Week 2 – Risk Management Planning

• Risk Management as an integral part of the daily routine of a WIC Office.

• How to prepare a fast and easy Risk Management plan.

What is Risk Management?

Risk Management is the means by which an organization: – Identifies and prioritizes risk

areas – Develops strategies to deal with

risk areas – Integrates risk management best

practices into everyday operations.

5 Common Myths About Building a Risk Management Plan

1. It takes forever.

2. It will involve a lot of navel gazing.

3. It will step on toes.

4. The finished plan will be 4” thick.

5. It gathers dust on the shelf once it is

finished!

Having an effective Risk Management

plan helps your WIC Office to:

Take a pro-active approach to reducing the potential for accidents, injuries or other events that could damage your organization’s reputation, cause financial loss or impact your ability to purchase affordable coverage.

Transform your organization’s “culture” to one that values safety and security for everyone.

Maintain the confidence of donors, funders, staff, clients and other important stakeholders.

Isn’t Risk Management Just Purchasing Insurance?

• Risk management looks at your entire organization, not just specific areas.

• Risk management is ongoing and involves everyone in your organization.

• Insurance coverage is limited to specific perils, under specific conditions, subject to specific exclusions.

• Too many claims and losses can cause your insurance carrier to cancel your policy or raise your rates to an unaffordable level.

What Are the Key Activities in Risk Management?

5. Schedule the next round of planning

4.Monitor for results.

3. Select a

strategy to deal with the

risks.

2. Prioritize Risks

1. Identify Risks

Risk Management

Plan

Step 1: Identify risks In each of the four organizational areas

Look for these clues: Recent insurance claims (the past 3-5

years). Common complaints from staff,

volunteers, clients or other stakeholders. HR problems. “Shrinkage”, disappearance, or sabotage. IT problems that interfere with normal

operations Adverse publicity. Recent developments in the organization

world, particularly in recent litigation and court decisions.

To Review: Four Basic Organizational

Components

• Board and Governance • Human Resources – employees

and volunteers • Operations • Relations with the Public

(PR and Fundraising)

Examples of Risk Areas Related to Governance & Executive Level

Executive management style is toxic or dysfunctional.

Management style – increases liability potential.

No Conflict of Interest Policy or Code of Ethics.

Internal conflicts present barriers to achieving Strategic Goals.

10

Examples of Human Resources Risk Areas

No background or credit checks for employees who handle money or work with minors. Volunteers should be screened and supervised if they handle money or work with minors.

No policies and procedures for progressive discipline/termination procedures for employees or volunteers.

No HR policies on harassment/discrimination. The three areas that contribute to the most

claims: Wrongful termination Sexual harassment Work Comp issues

11

Examples of Operational Risks Frequent workplace accidents and workers

compensation claims and no consequences for supervisors whose departments have frequent workplace injuries.

Customer service – clients believe that they are treated with disrespect or in a differential fashion.

Inadequate supervision and/or planning for programs related to children and youth.

Buildings and grounds not properly maintained or supervised.

Financial mismanagement – lack of internal controls.

IT issues – network, website and document management. No plan for dealing with a data breach.

12

Examples of Reputational Risk Areas

WIC Office – nature of the operation and services provided.

No media/ public relations system in place.

No crisis communication plan to deal with an emergency situation.

No designated spokesperson. Employees and volunteers feel free

to comment to media.

13

Step 2: Prioritize risks

For the first round of risk management planning, choose a manageable number of risk areas. What are the areas that are of greatest

concern? Sources of accidents/injuries? Areas in which the organization is not in

compliance with federal/state regulations? Other reasons why a risk area might take

priority.

Your organization will have another opportunity to address risk management planning in 3-6 months. After 2 years, then schedule the risk management planning on an annual basis.

Step 3: Selecting a Strategy for Dealing with the Risks

Remember: You can always combine strategies!

Avoidance – “Don’t go there!”

Retention – Increase deductibles; pay for

small claims with organization resources.

Modification – Take action to reduce frequency and severity of risk.

Transfer – Pass the financial risk to another party, i.e., the insurance company or additional or named insureds.

Be sure to describe what a

successful outcome looks like!

Execute the Strategies

For each risk strategy, assign who is going to do what by when. Be sure to specify deliverables and quality standards. Who will supervise the risk management strategy implementation and ensure action is completed. Plan for the next round of risk assessment in 3-6 months.

Step 4: Monitor for Results Were there fewer accidents or “close

calls”?

Are new internal controls working?

Fewer customer service complaints?

Review industry loss trends (social

service agencies) to benchmark your

success.

Step 5: Schedule the next round of planning

Every 3-6 months for the first two years.

The number of risk areas that are addressed in each round should be manageable to ensure that everyone involved can fully execute the selected strategies.

Dealing with a smaller number of risks at first allows your organization to more effectively assess whether the strategies chosen are actually working.

Working with Trusted Advisors

Having a risk management plan in place strengthens your relationship with important professional advisors.

Insurance Professional Attorney Accountant and/or banker IT Professional Financial Advisor

Risk Management Planning will move your organization to the next Level

Summary

• Risk Management Planning is essential to identifying and mitigating those risk areas that pose the greatest threat for adverse events.

• Risk Management Planning is not complicated, but must become part of your WIC Office’s operational routine.