MEDIA RELEASE: Community Business Grants focus on risk opportunities for struggling not for profits

With a recent national survey showing that the pandemic continues to profoundly impact the sustainability of not for profit organisations across Australia, a new grant opportunity could be the much-needed lifeline for many that are struggling to identify and address the risks they face during the current period of uncertainty and beyond.

The Community Business Bureau (CBB) has fast-tracked the next round of its Community Business Grants program, which offers risk-focussed grants in the form of pro bono consulting support and expert advice from CBB’s sector-leading business consultants.

Continue reading…


Building organisational health as a competitive differentiator

It seems everything we read at the moment is talking about the global pandemic, technology changes, disruption, innovation and “pivoting” strategy.

In the pandemic, gin companies have shifted to making sanitiser and restaurants have moved to a takeaway product offering. But even before recent crises, there have been major shifts to disruptive technologies and business models going on for years.

In the past, you needed significant property assets to compete in the hotel business, but Airbnb has disrupted that sector without owning any property. Uber now undercuts decades old taxi companies without owning any vehicles. Netflix used online content to overtake the local Blockbuster store. Film camera company Kodak was overtaken by digital photography and consumers taking images on their phones instead of buying cameras.

All over the world, board members and CEOs are continually looking for the next competitive advantage only to discover that disruptive trends like this have changed the rules and challenged established business models. Continue reading…


Writing a risk policy

My insurer has asked if we have a risk management policy – where do we start?

Does this sound familiar? Or maybe you have one and it is that time of the year to review it again. Or perhaps the health and economic crisis flowing from COVID-19 has you looking at the risk policy again and wondering if you could have been better prepared?

Whatever the case, it does beg to answer the question of what should go in the risk policy? Continue reading…


Building a mature approach to risk governance

You have probably read about the importance of the Board’s role when it comes to providing oversight of risk management in an organisation. But how do you do this practically? What sorts of activities are common to organisations that have a mature approach to risk governance?

Boards play a key role in overseeing the culture, governance and risk management framework. Different organisations have varying degrees of sophistication and rigour as it applies to the practice of risk management.

Depending on the sector that your not for profit is operating within, there are differing and frequently changing compliance standards to comply with. New Aged Care Quality Standards came in to place last year which address governance and risk management systems. Continue reading…


Risk maturity

Does this sound like you or your organisation?…..

We’ve got a risk register and mitigation plans. We report to the Board on risk every meeting. We’ve got dozens of procedures that help us with compliance and work health safety. We’re accredited to the NDIS Quality and Safeguarding standards and maybe even another different accreditation body as well. We tick the boxes on what we need to do with clinical compliance. We even have a risk policy that was based on the international standard. Surely, we are doing everything we need to on risk management, right?

Maybe. If this example sounds like you, then you are certainly doing a lot of things right on risk management, and that is really important for minimising the risk of incidents and ensuring you achieve the objectives in the strategic plan that you are aspiring towards. Continue reading…


Keeping a regular eye on risk

Has there ever been a more important time to be monitoring new and emerging risks to your organisation? Perhaps it is becoming one of 2020’s most overused words that we are living in “unprecedented” times.

The emergence of the global coronavirus pandemic this year has forced every organisation to review its business continuity plan and take a number of other steps to ensure the safety of employees and clients, modify operations, change marketing priorities and shore up the financial position.

On the subject of coronavirus, CBB have shared a link to some resources available through the South Australian Department of Human Services via our LinkedIn page which readers may find of interest. Other information is available from the NDIS Quality and Safeguards Commission. Continue reading…


The need for a whistleblowing policy

We have seen recently World Vision Australia reported on ABC news, with a staffer suspended pending investigation into an alleged conflict of interest, with the Sydney Morning Herald (SMH) saying that World Vision brushed off reports of corruption.

silver whistle

The articles describe allegations wherein the father of a senior employee was engaged to advise on the procurement of printing contracts for the organisation, and that he collected commissions from the printing company that were never disclosed to World Vision Australia.

The SMH article describes that a whistleblower made enquiries to meet with the CEO, but that the CEO’s office alerted the employee who was the subject of the allegation and did not investigate the matter appropriately.

Sadly, it is not just the corporate sector where organisations can fail to live up to their values, and the not for profit sector is not immune to this type of conduct. Continue reading…


Five steps to protect your organisation from cyber risk

Former Director of the FBI Robert S. Mueller, III, made the famous quote that:

“There are only two types of companies: Those that have been hacked and those that will be hacked.”

And others have since moved to suggest that the quote should now be: “There are only two types of companies: those that have been hacked and those that don’t know they have been hacked.”

It is unfortunate that not for profit organisations are sometimes the target of a cyber-attack. Given that not for profits often hold a lot of personal data, they can be seen as a soft target. Attackers also don’t need to have a lot of data about a person in order to perform identity theft, so the consequences can be significant if personal data is stolen.

Being the subject of a cyber attack can have wide ranging impacts on the organisation; including damage to reputation, financial losses and an inability to service clients during any downtime caused by the incident. Continue reading…


Key person risk – Is your organisation vulnerable?

If your business depends on you, you don’t own a business – you have a job. And it’s the worst job in the world because you’re working for a lunatic!
– Michael E. Gerber

Organisations can live forever, but people cannot. In the UK, the oldest not for profit organisation is said to be King’s School, Cantebury which was established more than 1400 years ago in 597.

There are many factors that contribute to the longevity of an organisation and one of them is ensuring that key person risk is mitigated.

Continue reading…


Risky business: How to effectively manage risk in your NFP

We are in control of all the risks, we know them all and we have strategies in place if they occur. There’s nothing we can’t handle. We have a risk minimisation/risk aversion position amongst our decision makers and the organisation has comprehensive policies and procedures in place that ensure we mitigate all risks. We have insurances in place as well as having developed and put in place an extensive number of control points to ensure very little can go wrong.

Sound familiar? Whilst all of the above makes it sound as though the organisation is in control, it can also be the organisation’s Achilles Heel… Continue reading…