How to develop a Risk Register and Risk Management Policy

Written by Hyaceinthe Coly, Association du Réseau des Jeunes, Senegal

Please describe the context in which your organisation interacted with AmplifyChange

AmplifyChange is currently funding our organisation through a Strengthening Grant, with the main goals being organisational strengthening and capacity building.

Through this collaboration we have been able to connect and work closely with the AmplifyChange technical and financial teams as they have been present and available to support us since the beginning of our project named Awareness Program for the health and rights of women, adolescents, and children in Kolda and Sedhiou Regions.

This collaboration has helped to improve the visibility and perception of the project in the region. We have extensively communicated during the preparation and implementation phase of our activities mainly on our social media by posting videos and pictures. We used AmplifyChange branding on some of the project materials such as T-shirts, banners, and other goodies, which made people take notice of the project and it gave the project more credibility amongst local organisations and populations.

What measures have you implemented to prevent and manage the risks your organisation is facing?

As part of pre-contracting phase and Special Conditions raised by AmplifyChange, we had to develop a Risk Management Policy as well as a Risk Register.

The AmplifyChange Financial Team specifically supported us through this exercise via zoom calls or email. They advised us on the format to use and what essential information was supposed to be included in both documents.

In order to develop our own Risk Register, we had to gather as a team and think about relevant and adequate factors that needed to be considered in order to identify risks. We had to consider the context in which our project was implemented to identify what could go wrong and negatively impact the success of the project.

We identified different categories such as

  • Financial (refers to risk of increase of costs or loss of income)
  • Contextual (refers to events, factors or dynamics occurring in the broader environment which affect programming or operations yet are beyond the control of organizations or individuals).
  • Safeguarding (refers to the risk of harm, abuse or neglect towards vulnerable groups including children).
  • Reputational (refers to the potential for negative public perception or some negative circumstance that might impact on an organisation’s reputation and image)
  • Operational (refers to the risk a company faces in the course of conducting its daily activities, procedures, and systems).

Developing the two documents enabled us to not only think through and identify potential issues/risks that the team could face, but also to define preventive measures as well as mitigating actions for these identified risks.

This process made us more vigilant during the implementation of the Risk Management Policy and Risk Register, and by using these documents we have been able to anticipate potential risks linked to the environment of the project and in turn be more adaptable and responsive.

Please explain the types of project risks that your organisation was facing/might have faced during the project implementation.

We identified risks such as risk of fraud, reputational risk and safeguarding linked to the work we do in the community and with vulnerable adults, adolescents, and children.

We also included operational risks linked to the lack of donor fundings to sustain our projects and lack of staff resources but also risks linked directly to the themes we work on as FGM/C and child marriage are still sensitive and taboo topics within the community.

How did the implementation of these measures/recommendations from AmplifyChange help you as an organisation? What benefits did you identify?

Thanks to this new approach of risk management, we have been able, as an organisation to be more prepared and adaptable to face potential issues/risks.

It has also helped us to reinforce and even create new partnerships with other donors, as a robust Risk Management Policy was part of their requirements too. Indeed, they all have mentioned that a good Risk Management Policy is a good practice which provides assurance on the quality of the organisation’s governance.

The Risk Register has also been a good tool to efficiently reallocate financial resources by taking into consideration the risks identified in each area of the project.

What are your tips for an organisation facing the same or similar issues?

We advise all grantees to develop such tools and include as many preventive/mitigating actions to tackle potential issues/risks on the ground.

We also recommend sharing your Risk Register with the implementing team, to help them identify risks and to be aware of all the risks and be ready to face them efficiently.

Good communication between the different parties involved in the project (Project Lead, implementing team, donors) is absolutely key in order to ensure that the whole risk-management approach is relevant to the organisation.

What did you learn from this experience?

We have learnt how to strengthen our team’s technical and managerial skills so that they are flexible to the project environment and remain adaptable to face and tackle any emerging threats/issues.

The Risk Management Policy and Risk Register have been constantly updated through the different implementation phases of the project, under the supervision of the Project Lead.

The participation of the members of the organisation in the decision-making process is also a really important element in the anticipation and potential resolution of issues. This risk-management approach is appropriate to the environment in which the project has been evolving.

Hyaceinthe Coly, Association du Réseau des Jeunes, Senegal

Hyaceinthe Coly is the Executive Secretary of Association du Réseau des Jeunes pour la promotion de abandon des MGF/E (Organisation Youth Network against FGM/C”), based in Senegal and oversees the implementation of the project funded by AmplifyChange.

As the Project Leader, Hyaceinthe has been working with a dynamic team and ensures that all the requirements (technical and financial) from AmplifyChange are met in the planning and implementation phase of the project.

His previous experience in project management has enabled him to accomplish his role successfully, supported by a team of talented people. He has been a strong advocate for women and girls’ rights, especially through his engagement within the HeForShe movement.