Hope everyone is having a nice week!
I must say, I’m not privy to all of the backend/management of the organisation’s risks, however understand some of the processes (which I think is important from a risk perspective – having all employees understand the basics/where to go – at least).
As discussed with Mark in our last session, risk in a development organisation can look different to risk in an aid organisation. I work in a development organisation, and one of the risks that are managed are financial/compliance risks:
Establishing context: we need to understand the compliance requirements for all the countries we work in – led from local colleagues/lawyers/specialists
Risk assessment: identifying, analysing and evaluating the risks and what is required for ongoing compliance (given the rules change all the time!). Making sure that the correct people in the organisation understand this.
Risk treatment: continually working with local staff and specialists to ensure organisation is compliant.
Monitoring & review: these risks need constant monitoring as compliance rules change/there are annual obligations etc.
Communication & consultation: this happens throughout the process with specialists (eg lawyers) in the country we are working in.