Church Risk Management
What is a Risk Assessment, and how do you prepare one? Here's a step by step guide...
Risk management and risk assessments – these are terms which are frequently bandied about, and most churches and ministries have a general understanding that it is something important that must be done, but what does it really mean, and how do you go about preparing an appropriate risk assessment for your church or ministry activities?
In the past, some churches and ministries may have failed to protect their people and property, not because they were uncaring or not interested, but purely because the idea of risk management seemed onerous, time consuming or there was simply no one who knew how to navigate the process.
Unfortunately, we live in a less than perfect, material and sometimes hostile world, a world which is becoming increasingly litigious, and seeks to apportion blame to another party for all manner of losses. Society often places churches and ministries on a higher moral pedestal, therefore the duty of care to those entrusted to our care or who are participating in our programs is significantly increased.
Following is a step-by-step guide on how to prepare a risk assessment for your various ministry activities.
The overall purpose of a Risk Assessment is to outline a process to help the Church properly apply risk management to all risks and incidents that may have the potential to cause injury or damage and associated costs for our Church.
The chance (likelihood or probability) of something happening that may have an adverse impact on the church, its congregation, activities and other personnel.
A logical and systematic approach to managing the uncertainty regarding risk of injury, illness, loss and damage.
To help the Church to implement a Risk Management Strategy for the effective management of potential risks to church property, personnel, activities and objectives, it is recommended that the following steps are carried out.
The general idea and result of these steps is to produce a written list of risks and associated actions to improve current risk controls (commonly called a “risk register”).
This provides a systematic plan for risk management across all church operations and enables continuity of attention to church risks and control improvements should church personnel change in the meantime.
Step1: Identify the Risks
Church activities and operations encompass a wide range of possible risk exposures. It is therefore helpful to breakdown exposures into various categories or areas of risk and consider possible risks within each of these in turn.
Though risks could be categorised in many ways, some typical categories to help identify and scope a church’s potential risk exposures are, for example:
Covering, for example
Risk of fire, flood, storm, damage to church buildings, other assets
Risk of injury or damage to people on church property, at church events, to tradesmen, to children on church grounds; as a result of unsafe food
Breach of copyright, error in advice or inappropriate counselling, mismanagement of church business, misconduct, harassment
Risk of theft, vandalism or other attack on church property or personnel
Risk of abuse, slander or vilification through internet and phone media
Risk to people in church buses, cars; risk to transporting church goods
Risks to volunteers (same as for church employees)
Identifying and listing possible risks can then be done by observation and judgment – for example:
- A walk-through survey of church grounds and property, or event site;
- Consulting with church employees (who are usually aware of what can go wrong and why, based on their experience with a job, task, piece of equipment or event);
- Maintaining and reviewing records of "near miss" incidents, or accidents, injuries and illnesses related to church operations;
- Examining manufacturer's instructions on chemicals, plant and equipment. They usually highlight possible risks and indicate methods for proper use;
- Using specialist risk practitioners where necessary;
- Asking ACS Insurance Services for advice.
Some additional “tools” to help with identifying risk and the underlying sources or causes of risk are:
- “Triggering” or “test” questions, like:
- What is the worst thing that could happen?
- What has happened in the past? What could possibly develop?
- What has happened elsewhere? In this region, in similar churches elsewhere, etc?
- What uncertainties are there? What are we unsure of?
- What needs to go right?
- And so on. You can prepare your own for your church.
- "Scenarios" ("what if...") or "event" questions, like:
- What if our decision is wrong?
- What might be an alternative or opposite view?
- What if a (defined) incident actually occurred?
- What would the community expect of us?
Step 2: Assess the Risks
Once the church’s risks have been identified, the next step is to assess the level of risk involved with each risk and to evaluate each in terms of their relative priority, including whether they require risk control improvement or whether they are well controlled and thus acceptable at present.
Risk assessment is based on the concept that “risk” comprises two key components: likelihood (chance of a risk arising) and impact (consequence or severity should the risk actually occur). Combined, these two components produce the level of risk applicable to a given circumstance. This means that, for example, a significant level of risk could be produced by an event of low likelihood but major impact if indeed it did occur, or it could also be produced by an event of high likelihood but lesser (say moderate) impact.
It is common to consider and appraise likelihood, impact and the resultant level of risk in qualitative terms. The process may be illustrated as:
To assist you in doing this, you might use the tables shown below for each risk you have identified, firstly, assess the likelihood of the identified risk actually happening:
Frequently occurs, is present now or highly probable to occur (100% chance of occurrence or a few times each year)
Some occurrences and fairly probable (75% chance of occurrence; might occur maybe once or twice per year)
Possible (50% (i.e. 50:50) chance of occurring; might occur maybe once every 2 to 3 years)
Small (10% to 20%) chance of occurring; might occur maybe once in 5 -10 years
Very small (maybe 1 in 50 or 1 in 100) chance of occurring; might occur once in 20-50 years
Next assess the potential impact or consequence if the risk was in fact to occur:
Death; huge financial loss; stops church operation for very long time; damages church reputations
Major injuries; major property and/or monetary loss; halts church operations; damages church or pastor reputation
Medical treatment required offsite; high monetary loss; affects key activity, service
Minor medical treatment on site; low-medium monetary loss
No injuries, no or little monetary loss, short-term
Next, from the above assessments, assess the level of resultant risk and accordingly evaluate the degree of urgency with which the risk needs to be resolved by the church:
From which a possible risk evaluation is as follows, for example:
Immediate action; notify pastor/senior church staff
Activity must not proceed while any risk is rated VERY HIGH
Advise church senior staff - Activity can only proceed while any risk is rated HIGH with risk solution approved and signed by Safety Officer and Management (Principal)
Assign responsibility to fix (treat the risk)
Risk management plan must be in place before activity begins
Routine action; acceptable risk at present but check controls regularly
The following link will give you access to a Risk Assessment template that you can use for all your church/ministry activities:
A risk assessment should consider the risks to all people, including non-employees such as sub-contractors and members of the public, the environment, plant, equipment, vehicles and property potentially affected by the risk (hazard or event).
Step 3: Determine What Risk Control measures To Take
This risk assessment process (identify – analyse – evaluate) leads directly into risk mitigation. That is, to risk control actions and improvements. Assessing and recording risk controls and their improvements provides the next component of the church’s “risk register”. Put together, the register of risks and their assessment plus the register of controls and control improvement actions (termed “risk treatments” in ISO 31000) form a typical documented basis for a church’s risk profile and associated risk management action plan.
Using the results of the risk assessment, determine what control measures, or what actions to take, in order to eliminate or reduce the risks to an acceptable level. Typically, priority is given to Very High & High risk activities.
In principle, risk control actions to take might consist of one or more of the following:
Avoid or eliminate the potentially risky activity
Prohibit volunteers climbing on roofs or scaffolding; prohibit re-use of open or unrefrigerated food
Stop the risk problem arising in the first place
Secure/lock doors and windows; clear gutters and downpipes; provide training or instructions; screen vehicle (e.g. bus) drivers
Limit or contain
Prepare sandbags to halt flooding; supervise tasks; ensure first aid or risk response capability is available and properly ready at church events
Shift the risk away by contract or insurance
Ensure tradesmen are currently and properly insured for public liability and workers compensation
Share or diversify the risk
Require two signatories on all financial transactions; provide job rests and rotations; ensure people are given adequate help (e.g. to lift objects)
Generally, risk control measures may be divided into short-term/immediate control measures and longer-term control measures. The long-term aim should always be to eliminate the risk at source, but, whilst attempting to achieve this aim, other short-term actions should be used.
Risk treatments should be documented in the form of an action plan. As stated earlier, this enables regular monitoring of progress and completion of risk control actions and also provides a reference should church personnel change.
The risk treatment plan and schedule thus would set out the risk treatment options recommended for each unacceptable risk exposure that was identified in the risk evaluation process earlier. A template for such a risk treatment plan is shown at the end of this document.
It is typical to have the risk treatment action plan included alongside the risk register (list of identified risks). The risk treatment plan records the specific treatment, schedule for implementation and responsibility. It therefore will assist with implementation and monitoring of progress and recorded completion of risk control improvements.
Step 4: Monitor and Review Risk Control Measures
Lastly, because church business, personnel and activities change with time, risk controls should be regularly monitored and periodically reviewed to ensure they continue to be in place and working as intended.
Some of the ways to undertake such review are:
- Revisit and re-do/update as necessary the above steps of the church’s risk register and risk treatment plan at least annually;
- Review the church’s incident and claims records as part of this;
- consult with church employees and volunteers;
- refer to manufacturer's instructions;
- Refer to specialist risk practitioners and ACS Insurance Services.
Step 5: Ongoing Risk Management
The risk management procedure should be repeated at intervals or whenever there is reason to suppose the results are no longer valid.
Other Helpful Links and Resources:
Risk Assessment Examples
- Sample Family Fun Day Risk Assessment
- Sample Jumping Castle Risk Assessment
- Sample COVID-19 Sunday Church Service Risk Assessment
- Manual Handling/Hazardous Materials/Working Bee Risk Assessment (coming soon)
- Youth Beach Activity Outing Risk Assessment (coming soon)
DISCLAIMER: The information on this website reflect some of the commercial aspects and potential risks/obligations for your Church, School or Organisation. The information is given as a guide only and does not represent a definitive list or legal view in any way shape or form. You are advised to seek your own professional advice on all your individual needs.
ACS Financial Pty Ltd (ACN 062 448 122) (AFSL 247388).
Want to PROTECT
your Church, Ministry or Christian School?
Hi there, we're ACS Financial, Insurance and Protection specialists for Australian Churches, Ministries and Christian Schools.
Get A Quick Quote!
About ACS Financial
Trusted leaders in Insurance and Protection, Lending, Investment and Risk Management for Churches, Ministries and Christian Schools and we've been serving our clients for over 25 years...
Save up to 40% on your personal home, car and contents insurance with one quick call.
Call:1800 646 777
"It's only in the midst of a crisis that you understand the value of an insurance broker who understands your unique needs. Cyclone Debbie hit our village and our church and caused flooding of over 4 meters devastating most of the village, including our church, contents and equipment. We're with ACS and when crisis hit they understood our unique needs, looked after us and were able to help us get back on track so that we could go and help the community. "
PASTOR ROB STUTTLE
Living Waters Church
Need help with Insurance And Protection?
Find out why thousands of Australian Churches, Ministries and Christian Schools trust us with their insurance and protection needs. The only question is, when will you?
Get A Quick Quote...