.png)
Benchmark the strength of your organisation against the Institute of Risk Management and the National Cyber Security Centre standards.
Both management and/or trustees should take the assessments.
It will take you about 10 minutes to complete 35 questions and receive your score across four core areas:
1) governance and risk management;
2) risk culture;
3) cybersecurity and data; and
4) strategic risk planning.
Testimonials
David Partridge, Become Charity
Director of Finance and People
"The tool is very useful and I'll be thinking about what it tells us as we develop our risk management processes further."
Why should you assess the strength of your organisation's governance and risk arrangements?
The success of your mission and your ability to support the community you serve are highly dependent on your organisation's resilience, regulatory compliance, and risk and governance arrangements.
The assessment will tell you where you need to improve your risk and governance arrangements to ensure compliance with the Charity Commission's requirements and ultimately stay safe. In addition, our scorecard methodology provides you with a score that allows you to track your progress over time.
In the United Kingdom, charities and non-profit organisations must comply with many regulatory requirements, starting with the Charity Commissions. As a trustee, you bear personal responsibility for the financial performance of the organisation you manage. With that, you are also responsible for your management account's risk management statement.
Whether you are part of the management or act as a trustee, you are expected to enable and support all key aspects of the risk management process, particularly in setting the parameters of the process and reviewing and considering the results.
Case Study: UK Charity
This case study is a reminder that risk management is, by its very nature, a pro-active, people-centric mindset. Many charities find staying on top of governance and risk management difficult. Often, they lack the resources and expertise to assess themselves on their own. And sourcing external assistance can be beyond their financial reach.
Four warning signs your risk and governance arrangements are not effective
01.
You cannot remember of the last time your risk register was discussed at the board.
02.
You have limited bandwidth to manage evolving legal obligations, potentially inadequate governance structures, and cybersecurity weaknesses that could result in data breaches.
03.
When was the last time you reviewed your policies? Well, you don't know. When the board last reviewed any of these documents, none of the current board trustees or directors were present.
04.
You only hear from the same person. No one else from the management team ever attends any board meetings or sub-committee.
Next Steps
Congratulations! You have completed the assessment, and you know how protected you really are. What's next?
Leave your findings for another day!
You have a top score, or you don't feel this warrants any more of your time. If so, thank you for completing the assessment, and we are here to help whenever you might need some support in the future. In the meantime, feel free to read our additional resources on our blog.
Disclaimer
We only provide the Charity Maturity Assessment Scorecard for informational purposes. This assessment generates results and recommendations based on user-provided information, aiming to offer general guidance on governance and risk management practices. Please read our Terms of Use for more information and confidentiality.