wic 104 – risk management and business continuity …€¦ · • risk management planning is...
TRANSCRIPT
WIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL
WIC AGENCIES Peg Jackson, DPA, CPCU
National WIC Association
Learning Agenda – Week 2
Week 2 – Risk Management Planning
• Risk Management as an integral part of the daily routine of a WIC Office.
• How to prepare a fast and easy Risk Management plan.
What is Risk Management?
Risk Management is the means by which an organization: – Identifies and prioritizes risk
areas – Develops strategies to deal with
risk areas – Integrates risk management best
practices into everyday operations.
5 Common Myths About Building a Risk Management Plan
1. It takes forever.
2. It will involve a lot of navel gazing.
3. It will step on toes.
4. The finished plan will be 4” thick.
5. It gathers dust on the shelf once it is
finished!
Having an effective Risk Management
plan helps your WIC Office to:
Take a pro-active approach to reducing the potential for accidents, injuries or other events that could damage your organization’s reputation, cause financial loss or impact your ability to purchase affordable coverage.
Transform your organization’s “culture” to one that values safety and security for everyone.
Maintain the confidence of donors, funders, staff, clients and other important stakeholders.
Isn’t Risk Management Just Purchasing Insurance?
• Risk management looks at your entire organization, not just specific areas.
• Risk management is ongoing and involves everyone in your organization.
• Insurance coverage is limited to specific perils, under specific conditions, subject to specific exclusions.
• Too many claims and losses can cause your insurance carrier to cancel your policy or raise your rates to an unaffordable level.
What Are the Key Activities in Risk Management?
5. Schedule the next round of planning
4.Monitor for results.
3. Select a
strategy to deal with the
risks.
2. Prioritize Risks
1. Identify Risks
Risk Management
Plan
Step 1: Identify risks In each of the four organizational areas
Look for these clues: Recent insurance claims (the past 3-5
years). Common complaints from staff,
volunteers, clients or other stakeholders. HR problems. “Shrinkage”, disappearance, or sabotage. IT problems that interfere with normal
operations Adverse publicity. Recent developments in the organization
world, particularly in recent litigation and court decisions.
To Review: Four Basic Organizational
Components
• Board and Governance • Human Resources – employees
and volunteers • Operations • Relations with the Public
(PR and Fundraising)
Examples of Risk Areas Related to Governance & Executive Level
Executive management style is toxic or dysfunctional.
Management style – increases liability potential.
No Conflict of Interest Policy or Code of Ethics.
Internal conflicts present barriers to achieving Strategic Goals.
10
Examples of Human Resources Risk Areas
No background or credit checks for employees who handle money or work with minors. Volunteers should be screened and supervised if they handle money or work with minors.
No policies and procedures for progressive discipline/termination procedures for employees or volunteers.
No HR policies on harassment/discrimination. The three areas that contribute to the most
claims: Wrongful termination Sexual harassment Work Comp issues
11
Examples of Operational Risks Frequent workplace accidents and workers
compensation claims and no consequences for supervisors whose departments have frequent workplace injuries.
Customer service – clients believe that they are treated with disrespect or in a differential fashion.
Inadequate supervision and/or planning for programs related to children and youth.
Buildings and grounds not properly maintained or supervised.
Financial mismanagement – lack of internal controls.
IT issues – network, website and document management. No plan for dealing with a data breach.
12
Examples of Reputational Risk Areas
WIC Office – nature of the operation and services provided.
No media/ public relations system in place.
No crisis communication plan to deal with an emergency situation.
No designated spokesperson. Employees and volunteers feel free
to comment to media.
13
Step 2: Prioritize risks
For the first round of risk management planning, choose a manageable number of risk areas. What are the areas that are of greatest
concern? Sources of accidents/injuries? Areas in which the organization is not in
compliance with federal/state regulations? Other reasons why a risk area might take
priority.
Your organization will have another opportunity to address risk management planning in 3-6 months. After 2 years, then schedule the risk management planning on an annual basis.
Step 3: Selecting a Strategy for Dealing with the Risks
Remember: You can always combine strategies!
Avoidance – “Don’t go there!”
Retention – Increase deductibles; pay for
small claims with organization resources.
Modification – Take action to reduce frequency and severity of risk.
Transfer – Pass the financial risk to another party, i.e., the insurance company or additional or named insureds.
Be sure to describe what a
successful outcome looks like!
Execute the Strategies
For each risk strategy, assign who is going to do what by when. Be sure to specify deliverables and quality standards. Who will supervise the risk management strategy implementation and ensure action is completed. Plan for the next round of risk assessment in 3-6 months.
Step 4: Monitor for Results Were there fewer accidents or “close
calls”?
Are new internal controls working?
Fewer customer service complaints?
Review industry loss trends (social
service agencies) to benchmark your
success.
Step 5: Schedule the next round of planning
Every 3-6 months for the first two years.
The number of risk areas that are addressed in each round should be manageable to ensure that everyone involved can fully execute the selected strategies.
Dealing with a smaller number of risks at first allows your organization to more effectively assess whether the strategies chosen are actually working.
Working with Trusted Advisors
Having a risk management plan in place strengthens your relationship with important professional advisors.
Insurance Professional Attorney Accountant and/or banker IT Professional Financial Advisor
Risk Management Planning will move your organization to the next Level
Summary
• Risk Management Planning is essential to identifying and mitigating those risk areas that pose the greatest threat for adverse events.
• Risk Management Planning is not complicated, but must become part of your WIC Office’s operational routine.