This policy sets out ways in which the organization will identify, assess, evaluate, prioritize, and coordinate its activities in a controlled manner to safeguard its interests. One of the primary objectives of this Policy is to ensure prime management of risk exposures appropriate to the nature and scale of the universe of risks faced by the South African Youth Climate Change Coalition (SAYCCC). The Policy defines the principles and the approach to risk management as well as the roles and responsibilities of the day-to-day risk and control environment.

Objective:

To outline a process of identifying, assessing, evaluating, prioritizing and coordinating strategic, financial and security risks to the interests of SAYCCC.

Purpose:

SAYCCC defines risk as an event’s potential to impact the achievement of its objectives. Such risks include emerging risks, which are risks resulting from a newly identified hazard to which a significant exposure may occur, or from an unexpected new or increased significant exposure and/or susceptibility to a known hazard. By identifying and acting on these risks, SAYCCC will be able to protect and create value for its key stakeholders through increased organizational effectiveness and improved business decision-making.

RM provides a framework for managing these risks, which typically involves:

Identifying events relevant to SAYCCC’s objectives (risks and opportunities);
Measuring events in terms of impact and likelihood;
Monitoring the risks against the limits set and budget;
Managing risks by developing risk mitigation strategies and action plans where necessary;
Applying risk management techniques consistently across SAYCCC; and
Integrating risk management and measurement into business processes.

Scope:

This policy sought to strengthen the capacity of the SAYCCC as a Non-Governmental Organization that is youth-led and operating in a civic space on issues of climate change. This policy encompasses the identification, analysis, and responses to risk factors that form part of the life of the South African Youth Climate Change Coalition. It further enables the organisation to establish a comprehensive set of risk management methodologies. This Policy is applicable to all of the SAYCCC’s operations where the organisation has management control and includes:

All staff, first-line business, and senior management;
SAYCCC Risk Management function; and
All assurance and governance structures across SAYCCC.

Risk Governance

Board of Directors	Provides policy, oversight, and review of risk management
Finance and Planning Team	Overseas regular review of risk management activities
Executive Director	Drives a culture of risk management and signs off on annual risk attestation.
Risk Manager/Policy Lead	Continuously improving risk management policy, strategy, and supporting framework
Staff	Comply with risk management policies and procedures

Risk Management Process:

When undertaking a risk management process, the following steps must be taken: (Refer to the risk management procedure for details on how to perform each step in the process).

Diagram, schematic

Description automatically generated

Risk Categories:

Risks relevant to SAYCCC as an organisation may be categorized into the below classified, however, the categorising of such risks is not limited to those specified below:

Contextual risks
Programmatic risks
Technological risks

Risk Register:

This is a risk management tool that SAYCCC uses to collectively identify, analyse, and solve risks before they can materialise. Such a risk register will include the risks that need to be prioritized and their likelihood of occurrence. A project risk register should not only identify and analyse risks but also provide tangible mitigation measures. This way, if the risk becomes a larger threat, SAYCCC is prepared with solutions to solve the issues.

Risk Reporting:

The risk register is prepared under the Risk and Compliance function and reviewed by the Finance and Planning Team and Board of Directors regularly.

Roles and Responsibilities:

The SAYCCC Board of Directors is responsible for overseeing risk management with a scheme of delegation to the Finance and Planning Team (which reports to the Executive Director).

The board is responsible for, amongst other things:

Approve the overall policy statement;
Offer periodic advice on risk tolerance and risk appetite;
Monitor the management of significant risks to ensure that appropriate controls are in place;
Review regularly the SAYCCC’s approach to risk management and approve changes where necessary to key elements of its processes and procedures.

The Finance and Planning Team will:

Ensure the implementation of the risk management policy and advise on any modifications to the policy;

Ensure that adequate information is provided for the Board as appropriate, on the status of risks and controls;
Ensure that risk registers are reviewed regularly.

Risk Owner

The risk owner (as noted in the Risk Register) is responsible for ensuring on a daily basis that the relevant operational procedures and controls implemented to treat each risk area are adequate and effective. If a control or procedure is not adequate and effective in treating the risk, the risk owner should report this, with a recommendation for alternative risk treatment.

General Responsibilities

All SAYCCC members are responsible for the effective management of risk including the identification of potential risks. And supporting teams are responsible for the development of risk mitigation plans and the implementation of risk reduction strategies. Risk management processes can be integrated with other planning processes and management activities.

Risk Assessment Matrix:

Refer to the Risk Management Framework for a detailed assessment of risks.

At SAYCCC, risks are assessed in two parameters, the two parameters are:

Likelihood – How likely is it to happen.
Consequence – the impact of the risk.

SAYCCC will use the below heatmap as illustrated above to assess risk.

		CONSEQUENCE RATING
		1	2	3	4	5
LIKELIHOOD RATING	5
	4
	3
	2
	1