Risk Register: Difference between revisions

Latest revision as of 10:36, 21 December 2014

WMUK RISK MANAGEMENT FRAMEWORK - THIS DOCUMENT HAS SINCE BEEN REPLACED BY A MORE MODERN VERSION REPORTED QUARTERLY TO THE BOARD OF WMUK.

Introduction

At the 17 November 2012 WMUK Board meeting this policy and paper was agreed and that the Board delegate staff to assess our risks, create a strategy to deal with them and report back to the next board meeting.

Specifically:

We formulated a general statement about risk culture.
Agreed a format for staff and Board to oversee and manage risks.
Agreed that a set of risks is identified and put through the impact/likelihood formula to become the risks that are monitored/managed.
Agreed a frequency of CEO and Board oversight of risks.

Explanation of terms

Ways of looking at risk

The typology of risks aims to keep a focus on the big picture and to classify them in such a way as to seek to cover all major types of risks. This framework distinguishes between the sources of risk (risk from) and the impact of risk (risk to). Risk sources and impacts are of course interconnected – for example poor quality services can damage the charity financially and/or reputationally, while reputational impact can affect support for the organisation.

Explanations of sections in the paper

Underlying approach to risk: WMUK ‘Risk Appetite’

Prior to setting out and assessing the major risks, the WMUK’s board considered its approach to the main categories of risk impact. How willing is WMUK to countenance the threats that might arise, and therefore how will it determine its approach to mitigating and controlling them?

Discussions around the WMUK approach to risk and some measure of agreement on the general statement form a key part of WMUK’s ‘strategic planning’. The general statements help underpin the Risk Strategy, and enable staff to understand/influence the way the Board is thinking.

Risk assessment and analysis

Given the framework set out in the main paper, the Board agreed WMUK’s assessment analysis of significant risks. Some risks lend themselves to the risk register approach and traffic-light style reporting via CEO, but those risks that potentially arise at Board level concerning its leadership and strategy function need slightly different treatment.

The analysis and actions were agreed by the Board.

Prototype Risk Register

The third section shows how the risk report will look each quarter with the top five, or more if the CEO feels necessary, being reported to the Board. Risk issues that score only ‘low’ in the analysis will continue to be managed but no need to report on them quarterly unless things change significantly. Those issues are listed in the bottom section of the risk report just to enable them to be tracked.

Risk management framework

General statement on risk culture

The SORP 2005 puts the reporting of risk management firmly on the agenda of all auditable charities, and Charity Commission also strongly recommends it.

The Wikimedia movement is based on high risk very effectively managed – that is: the libel/slander risks of open creation of Wikipedia have been put securely at safe distance away from the Foundation and its chapters, through effective risk management.

Underlying approach to risk: WMUK ‘Risk Appetite’

Like any organisation WMUK has to countenance volatility and uncertainty. It will not accept - and will take all possible steps to reduce - impact on its existence and identity, and its reputation. It is strategically ambitious and is prepared therefore for some variation in its performance in achieving its strategic objectives. WMUK accepts that income and operational activities will always have a medium/high degree of uncertainty.

Willingness to accept risk/volatility
Item	1	3	4	5
	Low	Medium		High
Identity & Existence	√
Reputation	√
Strategic Performance		√
Income			√
Project – Operational performance			√

Comments relating to WMUK’s risk appetite.

Threats to WMUK’s have become a reality in recent months, and are sharper than to most charities, owing to its dual identity, UK charity and Internationally recognised websites – how much risk can it countenance to its future as a WM ‘Chapter’ or as a significant member of the global community? Being a relatively new charity means that turbulence is inevitable in the process of becoming established as a well-run charity. Actions to show best practice, such as working through PQASSO, have managed some of those risks well.
Reputation – operating very transparently in a very interactive community will mean that reputational issues are always alive. WMUK’s reputation is essential to its success and is the subject of much effort by staff and Board to grow it and defend it. Key audiences: Foundation, community, media, partners, public.
Strategic Performance – in spite of current focus on identity and existence issues, the 2013 programme plan and budget have been approved. WMUK’s strategy is likely to become more ambitious over the coming years, which may involve greater risk – for a greater potential prize.
WMUK Board is moderately risk averse on income, but could in fact be more ambitious and successful. Risk aversion on income can constrain strategic performance. Income uncertainty is the natural state, and many charities build their confidence over time by making progressive increases. Need to concentrate on our fundraising strengths rather than spread ourselves too thinly to little effect.
Board risk aversion on Project performance is shown in the detailed control it requires. Accepting that project success and failure can be delegated effectively down the line of management will free the Board and staff.

The quarterly reporting system linked to KPI’s will assist this. Items that need board approval need to have a clear decision system with timely deadlines.

How WMUK will manage risk: roles, responsibility and accountability

WMUK Trustees set the climate regarding risk and establish policies and procedures for identifying and managing risks in all aspects of their organisation. Each year they review the risks facing the organisation and approve priorities for the risk register.

Oversight of risk management will remain a board responsibility. Some leadership and strategic risks will be assessed and managed directly by the Board annually as part of the progress review, strategic planning process or Board performance self-review.

Risks that are delegated by the Board to the CEO will be reported on to the Board in the agreed format risk register at 3 month intervals by the CEO. The risk register will monitor risk management actions and changes to the probability of all ‘medium’ or ‘high’ risks. Risks assessed as ‘low’ will continue to be managed by CEO and staff but will not be reported quarterly unless there is a change to their status. The CEO will carry out all related Board policies and procedures and draw attention to changes in the (external) strategic risk environment as part of his quarterly report. The top five, or more depending on the judgement of the CEO, will be reported to the board.

Annually the CEO will prepare a report to the Board to update the assessment and analysis of the risks facing WMUK. The CEO will be held accountable through their annual appraisal for their delivery of effective risk management.

Operational risks will largely be delegated via the CEO to staff and they will be held accountable through their quarterly and annual plans and supervision and appraisal. `The top five significant operational risks, or more of the CEO judges it necessary, will routinely come to the Board, via the risk register and quarterly programme reports. Any significant operational risk issues that arise will be passed up the line of management, and to the Board where necessary and highlighted in quarterly progress reports.

Assessing and analysing the risks

In the risk assessment that follows, current judgements on probability and impact are shown clearly. The following matrix shows how the risk register will correlate impact and probability. Those risks that fall in the low score parts of the matrix will not be covered by the risk register, though they will continue to be managed, and brought to the Board’s attention if their rating increases to medium or high.

Impact against likelihood scoring
Impact	Low probability	Medium probability	High probability
High	Low score	Medium score	High score
Medium	Low score	Low score	Medium score
Low	Low score	Low score	Low score

High and medium score to be monitored quarterly with top five, or more should the CEO deem it necessary, being reported to the board.

Risk assessment and analysis

Major Risk source 1: leadership and strategy

Lack of clear strategy, or the wrong strategy, or the failure to identify opportunities and take advantage

Current analysis: Strategy to establish WMUK with growth within capacity of small staff team is modest but probably right; now that the Plan and budget for 2013 has been agreed, there is low probability but impact would be high on Performance and Reputation over the medium to long term. This low risk score means this risk will not be included in risk register.

Preventive and mitigation action: Plan for strong strategic planning process late in 2013 ready for 2014-15, with adequate time allocated, CEO and staff involved, good environmental analysis – plus some outside stakeholder/partner perspectives. More ambitious plans for 2014-2018 through 5 year plan.

Control and planning action: Quarterly reports from CEO linked to progress towards strategic objectives; quarterly, CEO to report on change or no change in risks from the external environment.; To delegate more, to higher value threshold, with appropriate reporting back (as in Compass report) unless failure or success threatens WMUK reputation, performance etc.; System of committees established to share decision making.; Consult community on forward planning and create five year plan.

Governance and leadership is ineffective

Current Analysis: Compass review has identified areas of strength and weakness that need addressing. As of January 2013 High probability of medium-high impact on Identity and Reputation in the short to medium term, and action urgently needed to address Compass recommendations.

Preventive Action: The Compass Review provides proposals to prevent this pressure affecting the work of WMUK. Board will need to respond positively to recommendations. This will in the short term bring heavy work-load for Board and there may be a need to bring in more capacity. (See Risk 3 below)

Mitigation action: WMUK Board and staff to keep communicating positive elements of WMUK’s work and strengthening links with Foundation and other partners

Control action: Ensure all meetings extremely well run, with excellent papers, agendas, minutes, decisions

Planning action: Plan for annual self-review of Board performance, and periodic independent assessment. In paricular development of functions of an Audit Committee and a Governance Committee.

Board capacity is insufficient for short term governance challenges

Current analysis: Following on directly from the above risk, the recommendations of the Compass Report will make serious demands on Board members’ time and on Board meetings over the coming months – to make key decisions, establish new policies and procedures, and rebuild WMUK confidence. There are current vacancies, pressure on individual trustees’ time and tensions in Board meetings. High probability and medium/high impact on identity/existence and performance.

Preventive and mitigation action: Fill vacancies urgently

Mitigation action: Delegate effectively to the CEO and staff and release Board time to concentrate Board agenda on strategic issues.

Control Action: Prioritise Board agenda very firmly, end meetings on time.

Planning Action: Amend Board size, and add new routes onto the Board as per the Compass Report. Focus agenda on most important high-level decision making.

Current environment risks

Current analysis: Foundation and WMUK have reflected on the risk of public loss of interest or confidence in Wikipedia – for example via emergence of alternative technologies, competitors. Staff rate this as currently Medium probability, with high impact – some preventive action already in hand. Longer term, the probability is likely to rise. Action is not urgent but needs an on-going and strategic approach.

Preventive Action: Outreach and partnership work to improve the quality of Wikipedia and other WM projects; also, tailor programme of activities to maintain confidence and usage. See also 6.2

Mitigation action: Build programme of activities to address these issues.

Control Action: Monitor efficacy against these aims with clear measurement and KPI’s

Planning action: Use Staff and programme planning tools to ensure issues being addressed.

Disagreements between Wikimedia UK and the Wikimedia Foundation (and international movement)

Current analysis: In some ways this is an extension of Strategic risk 2 above, and many actions are similar. A previous paper identified a situation where ‘The WMF takes actions which WMUK opposes’ & ‘WMUK takes actions which WMF opposes’. There remains a low probability of not fully resolving the dispute, but the impact would be high on the identity and existence of WMUK. Actions suggested have included:

Preventive Action: Board members to build relationships with Foundation Board and other Chapters and encourage all WMUK’s members to participate in WMFs consultations. WMUK staff to maintain good relations with WMF staff.

Mitigation action: Develop WMUK's reputation for good day-to-day management and address the issues raised in the governance report.

Planning Action: Develop programme of re-building confidence and carry out actions e.g. arising from Compass review. Consult with our partners before decisions are made, if practical. Encourage exchanges and other communications between staff and board members.

Major Risk Source 2: operational risks

Business capacity: inadequate to achieve our mission/goals (business continuity)

Current Analysis

Running out of office space would be high impact but current arrangements are flexible enough to make this a very low probability.

IT Capacity risks – staff believe are low probability, but would have high impact on performance, reputation and operations. Actions already in hand including:

Provision of professional IT contractor support have mitigated many of the IT and security risks.
Provision of welcoming space for volunteers needs to be enhanced.

Systems or policies risks: an excess of detailed, defensive policies

Current analysis: risk of developing too many detailed and defensive policies as issues arise and Board pursue a risk averse micro-management agenda. Medium probability of medium impact on performance and project activities e.g. by damping down staff initiative.

Preventive action: avoid resolving every concern with policy legislation; and delegate effectively to CEO and staff, holding to account for performance, business decisions.

Control action: annual review of policies to identify duplication and redundancy.

Conflict of interest problems recur

Current Analysis: Medium probability, high risk. CoI issues have been taken very seriously by WMUK and extensive work done to create gold standard policies. There is a danger that fear of CoI’s can lead to inertia.

Preventative action: Use the procedures consistently. Make sure everyone in the community understands them

Mitigation action: Ensure all staff and trustee induction explains the CoI issues thoroughly.

Control action: Policies applied sensibly and consistently. Formal agreements help minimise risks.

Project risks - scandal related to sensitive content or other issue on Wikimedia projects or WMUK sites

Current analysis: this has happened in last 12 months. Probability medium, impact high to reputation – though greater impact if numbers of scandals rise in one time period.

Preventive Action: Support and monitor editors.

Mitigation action: Training of staff and trustees in media interview techniques and work with public relations volunteers to make sure our response is reliable and available.

Major Risk Source 3: we have insufficient support to achieve our mission and strategy

Community fracture

Analysis: The UK community fractures or atrophies with disagreements between its members and constituent parts. Probability medium, impact medium

Preventive Action: Develop membership involvement and participation.; Widening participation especially within under-represented groups.

Mitigation Action: Offer feedback to comments from community in a timely and honest fashion.

Control action: Continue open and transparent systems to allow open debate whilst encouraging a presumption of good faith.

Hostile or apathetic media

Analysis: Media receptivity or support insufficient to achieve mission/strategy – risk is medium probability, high impact on reputation. For example inaccurate Telegraph articles. Media love Jimmy Wales and Wikipedia though; high impact because credibility is crucial.

Preventative: Be pro-active in making relationships with top 20 relevant journalists. Ensure consistent messages come from staff and board.

Mitigation action: Have responsive communications strategy, offer training to community members. Explain quickly to membership when things happen.

Planning action: Annual communications plan to complement comms strategy.

External opinion formers

Analysis: Decision-makers' receptivity or support insufficient to achieve mission– support and awareness building slowly, and it's right to be cautious – low probability but medium impact as major political decisions not crucial in short term.

Preventative: Build relationships with sympathetic organisations.

External supportive organisations

Analysis: Partners’ receptivity or support insufficient to achieve mission – WMUK has lack of capacity to develop outstanding partnerships, so medium probability that some will end badly, but low/medium impact. Board members setting up events with partners without involvement of staff will increase probability of breakdown in relationships;

Preventive action: proceed cautiously, ensure good communication between Board and staff.

Planning Action: invest in capacity for partnership work.; Ensure clear system of central referral to avoid duplication or inappropriate relationships.

Major Risk Source 4: financial risks

Poor financial performance or control presents risks to WMUK’s reputation and to its achievement of its plans for the future

Funding income risks: the WMF funding arrangements for Chapters changes

Current analysis: This has happened once although seems settled so this must be viewed in risk terms as both high impact, and medium probability. However impact has been cushioned because of mitigation action already taken to maintain a reserve fund so WMUK has time to downsize to a size appropriate to our new resource base after this change. WMUK needs to work to develop own direct fundraising.

Preventive action: Maintain positive relations with Foundation and wider community.

Ensure WMUK governance conforms to highest standards.

Control action: Maintain all best practice

Planning action: Follow good governance advice. Maintain current management and financial systems.

Economic downturn reduces flow of support from individuals

(high impact, low probability)

Analysis: Fundraising Manager reports no significant decline in support

Action: Develop diverse income sources.

Fundraising risk: Poor donor stewardship

Probability medium, impact medium

Analysis: Still losing some potential income, need to steward donors and over long term could make a big difference though.

Preventive actions: Fundraising Manager to plan how staff and volunteer resources to manage queries. Fundraising Manager to organise refreshed templates for thanking donors and trial bulk mailings. Fundraising Manager to schedule communications are timely and relevant to avoid 'spamming' audiences

Financial control risk: weak financial reporting reduces confidence in WMUK and impacts on income

Current analysis: Staff report difficulty in securing funders confidence to raise money because financial reporting weak. in the past accounts have not been produced on time, but current systems now working well.Therefore low probability, medium impact

Control Action: Create and adhere to good practice financial systems and protocols. Regular financial reporting to Board. Sign off accounts and get them audited on time.

Preventive Action: Build in contingency planning to budget Create reserves to ensure at least one year of continuing activities. Build capacity of a Finance Sub-Committee.

Financial Control risk: WMUK is subject to fraudulent activity

Current analysis: Control systems working well so Low probability but high impact.

Preventive Action: Maintain exemplary financial systems and ensure they are adhered to through regular monitoring and professional external audit.

Control Action: Have regular external overview of our activities and practices – e.g. via auditor.

Major Risk Source 5: regulatory risks

Data protection issues

Current analysis: Loss or theft of data. Most of the necessary tasks done but probability still medium and needs to go lower – potential impact high to an organisation such as WMUK, its reputation especially.

Preventative Actions: Have valid data protection insurance (complete). Have valid and sufficient SSL certification in place (complete). Fundraising Manager to have oversight of those with differing access to different areas of managing the fundraiser, and ensure appropriate agreements are signed and access in line with Caldicott principles.

Planning action: Complete audit and further plans for Data Protection.

Control action: formulate and use appropriate policies.

Data Protection Act issues

Current analysis: Fundraising Manager works with CEO to manage responses to any Subject Access Requests to ensure compliance. Probability medium and impact medium on WMUK's reputation.

Preventive Actions: Fundraising Manager to draw up process to responding to Subject Access Requests. Fundraising Manager to seek to pre-empt requests by timely sharing of anonymised data and results through public wiki whenever appropriate and in a planned fashion.

Planning and control actions: Incorporate into ongoing security review.

Non-compliance with charity or company law

Conflict of interest see 2.3.

Employment law compliance

Current Analysis: Recent report from external HR agency reported that our procedures were up to date and of good quality. Low risk, low probability.

Mitigation and control: We have minimised issues around staff by building sound HR strategies.

Control Action: Ensure policies adhered to.

False membership applications

Current Analysis: No evidence that applications are being made using false name or address data. If were successfully made in sufficient number, possibility of disrupting democratic process of PLC business Low risk, low probability.

Mitigation and control: Control - board to apply Article of Association of 4.4 - Termination of Membership if a membership was accepted under false pretence discovered and Article of Association 2.3(a) - Members if an application is made under false pretence; Mitigation - charity to focus on increasing size and engagement of membership base to remove effectiveness of disruption of this kind.

Control Action: Application of existing articles of association and pursue agreed goals to expand membership.

Major risk source 6: people risks

Inadequate volunteer base

For example, low numbers and lack of diversity of volunteers

Current analysis: WMUK aware of the problem and addressing it through programme. Probability medium impact high on engagement with sectors and capacity to generate projects, edit WP.

Planning: Build programmes to focus on and develop, support and retain volunteer base: Monitor impact of programmes and activities on volunteer base. Ensure all voices heard, not just the loudest.

Preventive Action: Target hitherto under-represented groups.; Have more chances for community to meet in person.

Control Action: Monitor trends in volunteer numbers & profiles every quarter.

Collapsing editor base

Current analysis: this has been on WMUK radar for some time and is in 2013 Activity Plan. Probability medium impact high Impact on reputation and projects though we can only make a contribution.

Planning Action: Build significant amount of activity plan around this issue e.g.

2013 Activity Plan contains work strands on editor retention and development.

Preventive action: Train the Trainers courses will build new capacity for example.; Monitor community activity and measure.

Control Action: Monitor active editor numbers/trends quarterly.

Poor staff performance

Current analysis: although a relatively new team, each appointment is crucial in a small team.; Current risk levels are low probability, medium risk to performance, reputation, income.

Prevention action: good support and performance management; Management planning systems used consistently.

Planning action: ensure roles can develop as staff show leadership and success.

Control action: CEO to raise any significant risks as they arise.

High/unplanned turnover of staff

Current analysis: in a small team if one person moves on it can leave a gap in terms of expertise and capacity– particularly for key roles such as CEO. High turnover could hold WMUK back significantly. Currently staff are committed, but until governance & leadership is clearer risk probability medium, impact high on performance reputation, income, activities.

Prevention action: good people management and good approach to reward, motivation, scope for job growth; good communication between Board and staff. Giving staff a feeling of responsibility and empowerment.; Avoid bunker mentality.

Planning action: succession planning for CEO – possibly for other posts. Job ghosting within team.; Creating a culture of thanks.

Risk register

Risk register for quarterly monitoring

(Those risks scoring low have been included on the lower half of the grid below.)

RISKS TO BE MONITORED QUARTERLY
Risk	Prob	Impact	Score	Response
1.1 Lack of strategy, poor strategy, or failure to take opportunities	Low	High	Low	Quarterly reports from CEO on objectives Consult community on creating five year plan
1.2 Ineffective governance and leadership	High	Medium-high	Medium-high	Respond to Compass review Communicate positives Manage meetings well Review Board performance
1.3 Board capacity insufficient for short term challenges	High	Medium-high	Medium-high	fill vacancies urgently delegate effectively to the CEO and staff amend Board size, Manage Board agenda and meetings
1.4 Environment risk – loss of Wikipedia status	Medium	High	Medium	Long term action by world community
1.5 Division or disharmony between WMUK & WMF	Medium	High	Medium	Respond to Compass review Develop independent fund-raising Build links with Foundation and other chapters
2.2 Excess of detailed, defensive policies	Medium	Medium	Low	Falls outside risk register
2.3 Conflict of Interest issues	Medium	High	Medium	Follow procedures and understand them.
3.1 Fractured UK Community	Medium	Medium	Low	Increase membership meetings Timely, honest feedback to community comments Monitor temperature as an additional traffic light?
4.1 Restrictions to fund-raising via Foundation	High	High	High	Reserve fund to soften future impact Rebuild fences with Foundation Maintain good governance Diversify funding base
4.2 Threats to individual funding	Low	High	Low	Falls outside register
4.3 Poor donor stewardship	Medium	Medium	Low	Falls outside register
4.4. Inadequate fund-raising strategy/delegation	High	Medium-high	Medium-high	Ambitious and varied strategy Increase autonomy of FR manager Monitor income and sources
4.5 Financial control, weak monitoring and evaluation	Low	High	Low	Develop framework and systems Monitor available results
5.1 Data Protection	Medium	High	Medium	FR manager oversight of access Plan DP audit
5.3 Charity Compliance Conflict of interest policy and practice weak (or perceived to be weak)	High	High	High	Respond to Compass review Convince others
6.1 Inadequate volunteer workforce	Medium	High	Medium	Planned development of volunteer base Target under-represented groups Monitor trends in numbers and profile
6.2 Collapsing editor base	Medium	High	Medium	Plan editor retention & development Run train the trainers to build capacity Monitor active editor numbers /trends
6.4 High/unplanned turnover of staff	Medium	High	Medium	Develop good reward, motivation framework Succession planning for CEO and other posts

RISKS NOT TO BE MONITORED QUARTERLY
Risk	Prob	Impact	Score	Response
2.1 Inadequate office Capacity	Low	High	Low	Falls outside register
2.1 Inadequate IT capacity	Low	High	Low	Falls outside register
2.5 Scandal on sites	Medium	High	Medium	Falls outside register
3.2 Negative media	Medium	High	Medium	Falls outside register
3.3 Negative decision-makers	Low	Medium	Low	Falls outside register
3.4 Negative partners	Medium	Medium-low	Low	Falls outside register
4.7 Inadequate funds in year	Low	High	Low	Falls outside register
4.8 External & Internal fraud	Low	High	Low	Falls outside register
5.2 Non-compliant FoI	Medium	Medium	Low	Falls outside register
5.4 Employment Law compliance	Low	Low	Low	Falls outside register
5.5 False membership application	Low	Medium	Low	Falls outside register
6.3 poor staff performance	Low	Medium	Low	Falls outside register

Risk Register: Difference between revisions

Latest revision as of 10:36, 21 December 2014

Introduction

Explanation of terms

Ways of looking at risk

Categories

Explanations of sections in the paper

Underlying approach to risk: WMUK ‘Risk Appetite’

Risk assessment and analysis

Prototype Risk Register

Risk management framework

General statement on risk culture

Underlying approach to risk: WMUK ‘Risk Appetite’

How WMUK will manage risk: roles, responsibility and accountability

Assessing and analysing the risks

Risk assessment and analysis

Major Risk source 1: leadership and strategy

Lack of clear strategy, or the wrong strategy, or the failure to identify opportunities and take advantage

Governance and leadership is ineffective

Board capacity is insufficient for short term governance challenges

Current environment risks

Disagreements between Wikimedia UK and the Wikimedia Foundation (and international movement)

Major Risk Source 2: operational risks

Business capacity: inadequate to achieve our mission/goals (business continuity)

Systems or policies risks: an excess of detailed, defensive policies

Conflict of interest problems recur

Project risks - scandal related to sensitive content or other issue on Wikimedia projects or WMUK sites

Major Risk Source 3: we have insufficient support to achieve our mission and strategy

Community fracture

Hostile or apathetic media

External opinion formers

External supportive organisations

Major Risk Source 4: financial risks

Funding income risks: the WMF funding arrangements for Chapters changes

Economic downturn reduces flow of support from individuals

Fundraising risk: Poor donor stewardship

Financial control risk: weak financial reporting reduces confidence in WMUK and impacts on income

Financial Control risk: WMUK is subject to fraudulent activity

Major Risk Source 5: regulatory risks

Data protection issues

Data Protection Act issues

Non-compliance with charity or company law

Employment law compliance

False membership applications

Major risk source 6: people risks

Inadequate volunteer base

Collapsing editor base

Poor staff performance

High/unplanned turnover of staff

Risk register

Navigation menu

Search