Have you made a new year’s resolution to ramp up your risk management program? Our experts are here to help. Use this list of do’s and don’ts to control the costs associated with workplace accidents, data breaches, property damage, and other incidents in 2020 and beyond.
Demonstrate management commitment
Management commitment forms the foundation of successful risk management programs. If employees believe leaders unconditionally support the program, they are more likely to buy in:
- Do make sure leaders allocate the resources necessary to implement the program. For example, the information technology team should include professionals who are trained to protect against constantly evolving cyber scams. Similarly, workplace safety programs should allow time for staff training, site inspections, and accident investigations.
- Don’t settle for lip service. Leaders who simply sign checks that fund risk management initiatives are only doing part of their job. They have to set the tone by following the same best practices they expect employees to follow, attending training sessions, and holding themselves accountable.
Crunch the numbers
Superintendents, chief financial officers, and principals are like the rest of us. If you want to get their attention, you have to communicate in a language they understand. In other words, you have to show them how incidents impact the budget:
- Do consider claim costs, also called direct costs, paid by your coverage provider. Let’s say your organization serves a hail-prone region of Texas. If a storm damages your facility roofs, your property coverage will help with repairs or replacements. Remember, however, that those costs could impact the amount your organization pays for coverage.
- Don’t forget about indirect costs such as hiring a substitute to cover for a teacher who suffers a workplace injury. Indirect costs come out of the organization’s budget, and they often eclipse direct costs paid by your coverage provider.
Identify your risks
During a thorough risk assessment, you will uncover the risks that threaten your resources and prioritize them in terms of probability and impact. For example, the Fund’s privacy and cybersecurity consultant identified business email compromise as an emerging cyberthreat facing our members this school year. Your organization’s risk could increase if you have not trained staff to recognize common social engineering tactics such as phishing. A successful scam could result in criminals stealing millions of dollars in district funds:
- Do take advantage of your coverage provider’s expertise and resources. At the Fund, our risk solutions consultants work alongside members to identify their risks and implement solutions. Members also benefit from detailed loss history analysis reports that help identify claim trends.
- Don’t leave employees out of the conversation. They know the risks associated with their jobs better than anyone. Ask them to help you plan, implement, and continuously improve your risk management initiatives.
Make a plan
Written policies and procedures are your roadmap for managing risk. They explain how the organization will identify and address risk, as well as recover when incidents occur:
- Do consult your legal counsel to ensure your policies and procedures comply with regulations such as the Texas Hazard Communication Act (THCA). Compliant procedures will require, for example, the organization to maintain a workplace chemical list for hazardous chemicals exceeding 55 gallons or 500 pounds, per the THCA.
- Don’t let policies and procedures become shelf documents. Communicate them throughout the organization, and enforce them consistently. Remember to practice emergency response procedures regularly so they stay fresh in employees’ minds.
Strong risk management programs are powered by well-trained employees who embrace their role in protecting resources:
- Do deliver year-round, job-specific employee training on workplace safety, cybersecurity, and other risk management topics.
- Don’t introduce new training without human resources’ support. They are responsible for all employee records, including training records.
Take corrective action
You cannot eliminate every risk. In most cases, however, you can reduce the likelihood and control the impact:
- Do assign responsibility for taking corrective actions by an agreed-upon date. If budget and/or time are limited, implement corrective actions in stages.
- Don’t stop there. Assign responsibility for following up to ensure corrective actions were effective.
Leverage others’ expertise
Texas is home to more than 1,000 school districts that face similar risks. The Fund makes it easy for you to learn from your peers:
- Do participate in our LinkedIn group, draw inspiration from our Excellence Award winners, and join us for Members’ Conference 2020 (The Fund hosts Members’ Conference exclusively for organizations that participate in one or more of our coverage programs.)
- Don’t forget that every organization is unique. Fund members should reach out to their risk solutions consultant for helping tailoring their program to meet stakeholders’ needs.