Managing safeguarding risks

Just like all other risks, you must include safeguarding risks in your risk register and review them regularly. Your organisation must consider safeguarding risks at both an operational and strategic level.

A strategic safeguarding risk usually comes from outside the organisation. This could include new regulations which affect who you can employ, the types of checks needed for staff (and costs of these) or duties from public bodies you enter into contracts with. Usually these types of risks are managed in a strategic risk register by the CEO and trustee board.

An operational safeguarding risk usually comes from inside the organisation. For safeguarding this could include specific hazards to staff, volunteers or those you work with to experience harm or abuse, managing specific blind spots in the environment or venue or risk which arise from your delivery (eg emotional harm due to your work). As director of operations you’ll usually manage the risk register that contains these risks or supervise registers managed by different teams.

Make sure you know about the different risk registers your organisation has, and where your responsibilities start and end.

When you’re considering safeguarding risks, you must make sure you have thought as broadly as possible. Use our list of questions and add your own:

• What activities do you offer?
• Who do you have contact with? Including both information about those people (age, ethnicity, disability, other risk factors) and about how you engage with them (in activities, providing online advice, fundraising).
• Who has direct contact with children and adults at risk (staff and volunteers)?
• And do you have recruitment checks, supervision and training in place to support them?
• What kind of personal and confidential information do you hold or share?
• Does everyone have the right training?
• Is anything likely to block people feeling confident about how to report or raise a concern?
• How do you fund your activities?
• Is there anything that will put that at risk, and if it did what impact will it have on your safeguarding provision?

You must update your risk register at least once a year as an annual review, but it is also useful to update it whenever incidents highlight new risks that you had not foreseen.

• If you deliver an online service, use the digisafe guidance and templates to assess and mitigate risk.
• If you want practical advice on managing risks in specific places, activities, and with equipment and resources try the National Youth Agency Safeguarding and Risk Management Hub.

To determine if your work managing risk is effective, you need good internal reporting systems.

• Review complaints, safeguarding incidents, accidents and near misses regularly with your team.
• Look to see if your safeguarding measures are having a good impact and whether there are new risks that need to be addressed.
• Review and update your risk registers regularly so that they’re an accurate record and a practical tool to help you plan, budget and keep people safe.
• Feature safeguarding in your annual report and accounts. We have further guidance on our page for trustees about safeguarding reports.
• If you need more information on risk registers and risk assessments you can use the Charity Commission's charities and risk management guidance pages.