August 8, 2024

Associations today face numerous risks that could impact their objectives, reputation, and long-term sustainability. As a board member, you are a custodian of your organization’s future, you have a fiduciary duty to ensure resilience and success. Effective ERM enables board members to proactively identify and address risks, thereby enhancing the ability to seize opportunities and address challenges. Integrating ERM into decision-making processes helps cultivate a risk-aware culture, strengthen governance practices, and bolster stakeholder confidence. ERM offers a systematic approach to understanding and managing risks holistically, allowing board members to make informed strategic decisions aligned with the association’s mission and goals.

This ERM handbook for association board members has been crafted to offer you a thorough understanding of ERM principles and practices, highlighting the essential role board members play in risk oversight for their association. Our objective is to provide you with the insights and tools needed to effectively navigate the complexities of risk oversight.

Topics include:

Understanding Enterprise Risk Management

Given the complexities of today’s world, many associations are adopting Enterprise Risk Management (ERM) frameworks to effectively fulfill these critical oversight duties. ERM provides a comprehensive approach to managing risks, helping boards meet their responsibilities and navigate an increasingly challenging landscape. Learn why ERM is essential and the key components of an ERM framework.

Roles and Responsibilities of Association Board Members in ERM

The board plays a vital role in setting the tone for managing risk, establishing the association’s risk appetite, and ensuring that appropriate risk management practices are in place. Learn the board’s role in risk oversight, responsibilities of board members, board-level risk committees and structures, and how the board can oversee and govern management-level risk councils.

Identifying and Assessing Risks

Understanding and documenting the association’s risk universe is a critical step in the ERM process. This involves systematically identifying potential risks that could impact the achievement of objectives across the association, covering key categories such as Strategic, Financial, Operational, Technology, Compliance, and Reputation. Learn the details of common risks faced by associations, how to assess these risks, and how to define your organization’s risk appetite.

Risk Mitigation Strategies

Once risks are identified and assessed, the next critical step is to develop risk response plans for the top-ranked risks. Risk response involves taking actions to reduce the likelihood or impact of these risks. Learn how to develop risk response plans, and discover strategies for reducing, eliminating, transferring, accepting, and/or exploiting risk.

Monitoring and Reporting

Board members require timely and relevant information to fulfill their risk oversight responsibilities. Learn how to establish Key Risk Indicators (KRIs) for monitoring risk, risk monitoring techniques, risk reporting mechanisms, and recommended reporting templates and dashboards for boards.

ERM Best Practices checklist for Association Boards

Board members must prioritize risk discussions, participate in training and education, and demonstrate commitment to risk management practices. Our handbook provides a best practices checklist to help you on your ERM Journey.

Additional Information

This handbook also includes a glossary of key ERM terms, examples of an association risk survey, and links to additional online resources we recommend for further information.

This was prepared and written in collaboration with Joseph M. Pugh, CCEP, CFE, RIMS-CRMP, CRMA, CDPSE, who is Senior Director of ERM at AARP.  We appreciate his insights based on his experience.  His ideas and the information shared do not represent those of his employer.

Download the Handbook

Melissa Musser, CPA, CIA, CITP, CISA

Partner and Director, Risk & Advisory Services

Susan Colladay, CPA

Partner, Audit and Assurance