Cookies on Knowhow Nonprofit

We use cookies in order for parts of Knowhow Nonprofit to work properly, and also to collect information about how you use the site. We use this information to improve the site and tailor our services to you. For more, see our page on privacy and data protection.


Skip to content. | Skip to navigation

Community-made content which you can improve Case study from our community


Risk management is a vital (and legal) responsibility for charity trustees. This page covers an introduction to the risk management process and the role insurance plays in protecting your organisation.

Charity specialist CaSE Insurance has worked with NCVO to develop a library of risk management and insurance information, templates and tools. You can access the CaSE Support Centre resources for free and under the same licence as Knowhow Nonprofit content, allowing you to download the information, tools and templates and adapt them as you see fit for your organisation.

Insurance basics

Charities need to manage risk like any other business. While some risks they face may be like those of traditional businesses, there are differences. Risk management is a key tool for protecting your organisation, volunteers and service-users. Insurance is one way of managing or transferring risk alongside other strategies like outsourcing, avoiding or minimising risk; insurance is just one stage in the risk management process and irrespective of insurance, risks still require careful and considered management.

There many types of insurance for charities that may be relevant, dependant on your organisation’s size, complexity and activities. Some are legally required insurances for charities, while some are insurances that charities might need. When purchasing insurance on behalf of your organisation, it’s important to understand how insurance works and how to buy charity insurance. It is also important to regularly review your charity insurance, especially when renewing.

Risk management basics

The fundamental questions when assessing and managing risk are what you may lose or suffer (the event), how likely it is that the event could materialise (the frequency) and the extent to which you can afford that event occurring (the impact).

The risk management process involves identifying, registering and assessing risk, contingency planning and developing a robust Charity Business Continuity Plan (BCP), purchasing appropriate insurance, and regularly reviewing risk at board level. You can read a detailed Risk Management Process guide by CaSE or NVCO’s Managing risk page.

When identifying and assessing risks, you may find a brainstorming exercise useful. Consider each department, service and activity and work out the risks from there; don’t forget to include a range of people from across the organisation to maximise the risks you identify. Some areas you may wish to consider include:

The Charity Commission’s guidance Charities and Risk Management (CC26) suggest categorising your identified risks into the following:

  • Governance
  • External
  • Regulatory & compliance
  • Financial
  • Operational 

Further support

CaSE Insurance Support Centre - free information, tools and templates to adapt for your organisation.

NCVO’s Knowhow Nonprofit Managing risk page



Page last edited Oct 05, 2017

Help us to improve this page – give us feedback.

1 star 2 stars 3 stars 4 stars 5 stars 3/5 from 19 ratings

Find out how-to…

How-tos are written by our users to share practical knowledge.

And if there isn't one already you can write it yourself, or request someone else write it.

See all how-tos