A guide to risk management for not-for-profits and social enterprises

1 minute read + PDF Download  21.05.2024

For many, managing risk, and even knowing where to start, can be overwhelming. This guide offers not-for-profit and social enterprise organisations a framework to establish appropriate risk management processes that help them to succeed.


For not-for-profits and social enterprises, the ability to focus limited resources on what really matters is essential. Strong risk foundations can help to provide that focus.

Risk is the effect of uncertainty on objectives. When an organisation's risk foundations are strong and integrated into operational practices and culture, it can meet its purpose. A clear understanding of the key risks and how they are managed is integral.


The purpose of risk management is the creation and protection of value. It improves performance, encourages innovation and supports the achievement of objectives.”
AS ISO 31000:2018 Risk management - Guidelines

Risk management guide & health check

The objectives of this guide are to:

  • understand key concepts relevant to managing risk within the context of your organisation;
  • identify resources to help you manage your risks; and
  • plan practical steps that support you to integrate risk management practices within your organisation in a meaningful way.

This guide draws upon our experience as legal and risk practitioners, as well as current governance and risk management frameworks, standards and resources including:

  • the Australian Charities and Not-for-profits Commission (ACNC) Governance Standards; and
  • ISO 31000:2018 Risk management and ISO 37301:2021 Compliance management systems. This provides best practice risk management and compliance frameworks that can be applied to all organisations, regardless of size.

Risk management guide & health check – A guide for not-for-profits and social enterprises.