Home / Support / Finance / Financial Procedures / Risk Management Notes

Financial Procedures: Risk Management Notes

Share this page

Share an article by email

  • This field is for validation purposes and should be left unchanged.

Identifying risks

Risk can be defined as “the threat that an event or action will adversely affect an organisation’s ability to achieve its objectives or execute its strategies”

The first stage in managing risks is to identify all the risks the PCC/church could be subject to.  At this stage you need to include everything you can think of however trivial or unlikely.

Risks fall into four broad categories:

1. Financial – this is usually the largest group

For example:

Budgeted income is not met, a fund raising event does not produce the income envisaged, investments fall in value, no tenant can be found for the parish house for 3 months, cheques are issued for incorrect amounts, money goes missing from the safe, a building project runs over budget.  Another example would be the loss of a major donor.

2. Reputational – risks that affect how you are perceived in the community

For example

Adverse reports in the local press, an argument between two senior church members gets into the local paper, the notice board still has Christmas service details up at Easter

3. Statutory and legal requirements

For example

Health and safety issues, Employment law, Child protection issues, Disability Access issues

4. Operational risks – risks that would stop the church functioning

For example

Fire damages the church building, theft of a large sum of money, vandalism in the church, illness of the vicar

Some risks will obviously fall into several categories – e.g. a toddler falling down stairs has health and safety implications but may also damage the church’s reputation.


Categorising risks

Once risks have been identified the next step is to categories them based on how likely they are to happen and how big the impact would be if they did happen

For example:

Fire in church – low likelihood/high impact

Window broken by vandals – high likelihood/low impact


Reviewing risks

Having categorised them each risk needs to be looked at – start with those which are high impact and high likelihood, then move on to those which are high impact low likelihood and so on.

For each risk consider what current systems are in place and whether they are adequate. For each risk you can either:

Accept the risk –it may be that the level of risk is acceptable especially if it is low impact.

Avoid the risk – at the other extreme you may decide that the risk is so serious that it has to be avoided altogether.

Sharing the risk – it may be that some activities could be carried out jointly with other churches.

Mitigating the risk – this means taking what reasonable steps you can to reduce the risk



to top