Case Study: A Not-for-Profit’s Success Story of Strengthening Impact through Enterprise Risk Management

Learn how a not-for-profit organization aligned risk strategy with its mission for greater impact.

Executive Summary

A global not-for-profit organization dedicated to advancing philanthropy and social impact recognized the need to enhance its Enterprise Risk Management (ERM) framework to support its global expansion and long-term sustainability.  

The organization aimed to strengthen risk oversight, improve governance and reinforce stakeholder confidence to meet growing donor expectations and regulatory requirements.

For this mission-driven organization, risk management wasn’t just about mitigating threats—it was about creating the stability needed to drive lasting change. 

This ERM “refresh” project integrated risk management into decision-making, enhancing governance, resilience and efficiency. The Board’s commitment underscored its dedication to accountability, transparency and strategic impact. This proactive investment reinforced the organization’s governance and risk management practices, strengthening donor confidence and ensuring the not-for-profit could continue making a meaningful difference. With its new ERM framework, the organization is better equipped to navigate uncertainty, seize opportunities and expand its reach. 

The Client

The client is a global not-for-profit, partnering with diverse stakeholders to advance social impact initiatives. Given its reliance on donor contributions and government grants, demonstrating a strong risk management strategy was critical to maintaining credibility, securing funding and ensuring operational resilience.  

The Challenge

The organization needed to update its ERM plan to reflect its global operations and evolving needs. The existing ERM framework, last updated four years ago, required improvements to: 

  • Address emerging risks across its expanded global footprint and improve integration across multiple entities. 
  • Integrate risk management into decision-making at all levels of the organization. 
  • Strengthen risk oversight by the Board of Directors. 
  • Enhance risk oversight and governance to meet donor and regulatory expectations. In other words, reassure donors and grant providers that a structured risk management process was in place, reinforcing their confidence in the organization’s ability to manage risks effectively and sustain its mission.

The Board’s commitment to this initiative reflected their dedication to both accountability and business sustainability, ensuring that the organization remains a trusted leader in its field for years to come. Beyond risk mitigation, the not-for-profit recognized the strategic value of a well-structured ERM framework for long-term success. 

The Approach and Solution

Withum provided a structured and collaborative approach to refresh the ERM framework, focusing on impact and efficiency. The Withum team guided the organization through the following key steps, ensuring the ERM framework was tailored to the unique requirements, circumstances and context of this not-for-profit organization: 

  1. Assessment of the Existing ERM Framework:  The Withum team conducted a detailed evaluation of the organization’s existing risk management framework, identifying gaps and areas for improvement in light of the organization’s expanded scope, global operations and evolving strategic priorities.  
  2. Risk Identification: To capture a broad and accurate view of the organization’s risk landscape, the Withum team facilitated workshops with leadership to understand emerging risks. Withum also designed and launched a comprehensive risk assessment survey, distributed to Risk Owners across various departments and regions, and provided support for survey execution and analysis, ensuring meaningful insights were extracted and properly synthesized.
  3. Risk Assessment and Prioritization: Withum provided the client with a structured methodology to assess and prioritize risks, ensuring alignment with their strategic objectives. Through facilitated discussions and hands-on guidance, we helped evaluate risks based on key criteria such as likelihood of occurrence, potential impact on the organization and effectiveness of current mitigation strategies.
  4. Risk Mitigation Planning: Withum facilitated workshops and strategic discussions with risk owners to develop actionable mitigation plans and appoint Risk Owners. 
  5. Integration into the ERM Plan: The Withum team helped consolidate and formalize the updated risk assessments and mitigation strategies into the organization’s Enterprise Risk Management Plan. This document serves as a living guide for ongoing risk governance and decision-making. 
  6. Board Preparation and Ongoing Monitoring / Coaching: Withum provided coaching and guidance to leadership as they prepared to present the revised ERM plan to the Board, helping them to articulate key risks, mitigation strategies and the organization’s long-term approach with confidence.

Beyond the Board presentation, Withum equipped the organization with tools and best practices to embed risk monitoring into its ongoing operations. By integrating periodic monitoring and reporting processes, the organization can now provide both management and the Board with a dynamic, real-time view of its evolving risk landscape, supporting proactive decision-making. 

This collaborative approach not only refreshed the ERM framework but also embedded long-term risk awareness within the organization. 

The Results, ROI

The updated ERM framework delivered tangible benefits, strengthening the organization’s risk posture and driving strategic value: 

  1. Enhanced Risk Oversight and Governance: Leadership and the Board gained a clearer, more structured view of the organization’s risk landscape, improving oversight and decision-making. 
  2. Increased Donor and Funder Confidence: A more transparent and proactive risk management strategy reassured donors, grant providers and regulatory bodies, directly contributing to sustained and increased funding opportunities. 
  3. Stronger Global Risk Resilience: Improved ability to anticipate, mitigate and respond to challenges in diverse environments. 
  4. Operational Integration and Efficiency: Embedding ERM into decision-making processes made risk considerations a natural part of strategic planning across departments and global entities. 
  5. Board-Ready ERM Plan: Leadership successfully presented the enhanced ERM framework to the Board, equipping them with a clear roadmap for long-term risk management. 
  6. A Risk-Aware Culture: Leadership and staff are now better equipped to identify potential challenges early and act decisively, fostering a culture of resilience and continuous improvement.  

By investing in a robust ERM framework, this not-for-profit organization has strengthened its governance and operational resilience and reinforced its ability to drive lasting social impact.  

The transformation went beyond compliance as it empowered the organization to grow, adapt and make a meaningful impact. With a refreshed ERM plan in place, the organization has fostered a culture where risk awareness is an integral part of its mission-driven work and is now better equipped to make an even greater impact on the communities it serves. 
