The nights are drawing in. The squirrels are gathering acorns for the winter and birds are feathering their nests in preparation for the cold months ahead.
Why review your policies?
All policies should be reviewed to keep them current and compliant
Having the right policies protects the people you engage with
And protects your organisation
It signals to funders that you are professional and take your responsibilities seriously
And if something does go wrong, it shows that you used your best endeavours to reduce risks and their impact
Planning ahead and anticipating problems before they happen is always a good idea, although many organisations think of it as a luxury, if they have the time to think about it at all. But having the policies and procedures in place to manage risk is no longer a luxury, or even an aspiration, but a necessity.
Increasingly it’s not just regulators like the Charity Commission that require certain protocols to be in place. Trusts and foundations too now want to know that the organisations they fund are safe and reliable recipients for their money, and have the policies necessary to ensure that charitable funds are used responsibly and professionally.
Precisely which policies an organisation needs is not always clear. There’s certainly a hierarchy of ‘must have’, ‘should have’ and ‘might have’ policies. Charity Commission guidelines don’t necessarily help – they provide guidance, not definitive advice – but it’s as well to err on the side of caution and to be prepared for those events which have both a greater chance of happening and a greater impact if they do. For this, a risk management schedule is a very useful tool, and the most practical ones have a points system and ‘traffic lights’ to show clearly when an area of risk is both likely and impactful.
It’s a fact of life that things do go wrong, but good preparation can minimise the risk of this happening and mitigate against the worst effects if they do. And if the worse comes to the worse, being able to show that your organisation did its level best to contain the risks that all organisations inevitably face will go a long way to restoring trust and confidence among your supporters. Regulators too will give credit for the efforts made to manage risk, and so staying ahead of the regulatory curve is always prudent.
This was illustrated recently with the publication by the Independent Inquiry into Child Sexual Abuse of its report into religious organisations. The safeguarding requirements for such organisations lack clarity and definition, and undoubtedly fall short of what is required in formal educational settings such as schools. And yet the much-publicised incidents of abuse that have taken place in religious institutions demonstrate the very real risks of harm that children and vulnerable individuals can be exposed to, and the reputational damage to organisations that failed to address those risks or provide the mechanisms to report and tackle abuse.
Just as startling has been the number of big-hitting charities in the frontline of caring for vulnerable individuals that have failed to protect their own staff from harassment and bullying (Save the Children) or to address allegations of racism and discrimination (Barnardo’s). Even the National Council for Voluntary Organisations, which advises other charities on governance, has found itself mired in scandal recently.
Of course, it’s not enough simply to have policies in place - as Save the Children, Barnardo’s and the NCVO undoubtedly did - if they aren’t being implemented and adhered to, and if all concerned aren’t aware of their rights, responsibilities and what to do if problems arise. That’s why it’s so important actively to review your policies, to have senior management and trustees take ownership of them and to ensure that they are accessible to and understood by staff, volunteers and others with whom your organisation engages.
Equally important is to adopt policies and practices that are tailored to the needs and resources of your organisation. Too often, policies are cut and pasted from elsewhere and bear little or no relation to what a charity actually does and how it operates. Off-the-shelf privacy policies, for example, frequently refer only to website activity and make no mention of protecting data collected and processed in other ways. Safeguarding, equality & diversity, anti-bullying and whistleblowing policies also need to include reporting and response mechanisms specific to your organisation, if they are to make any sense to those applying them.
If your organisation is due for a policy review, or should be drawing up a risk management schedule or discussing good governance among your senior leadership, contact us for an initial informal assessment of your needs. With decades of experience with dozens of charities, trusts and commercial organisations, your specific needs can be identified and addressed, to prepare you for the winter months ahead, and beyond!
Comments