Chapter 5
Programs & Services
For most people, a nonprofit is what it does. The programming offered and services delivered are the public-facing front door to any nonprofit organization. A nonprofit’s programming appears as the most visible aspect of its operations. It’s what the community, donors and government see first and it’s the place where some of the biggest organizational challenges lie so it’s an obvious place to look when starting your risk assessment and management work. Risk also occurs in other departments and functions such as finance, communications, personnel and governance. We will cover each in turn in this section of The Nonprofit Risk Book.
The activities described in this chapter on Programs and Services include some of the most common risks for nonprofit organizations. It is important to note that while program and service risks, along with risks in governance, financial management, and staffing/human resources are the functional areas of nonprofit operations that are most commonly associated with risk, they are not the only ones to carry risk. In fact, if you look at widely publicized failures in nonprofit organizations, you will find that the cause of the closure, defunding, or leadership change were not risks that originated in programs and services at all; rather, they took root in business processes and practices and rippled out from other core functions in the organization.
The Nonprofit Risk Book describes the core business features of an organization as functional areas. The taxonomy used in the book includes eight functional areas: services, staffing, financial management, operations, fundraising, communications, governance and environment. Within the framework of functional areas of operations, we discuss specific activities and their associated risks. This is a conceptual framework to help focus thinking on risk—remembering that risk can occur in any or all organizational functions offers a way of thinking about risk and the many places where risk may occur in your organization. The functional areas covered in the second half of the book offer colorful illustrations of situations, conditions, or incidents that have occurred in organizations we know. While the particulars may either resonate or seem unfamiliar to you, we hope they offer a window into risk identification and mitigation planning. The idea is to spark your thinking and offer framing examples that may be useful in practice.
As we pointed out at the beginning of the book, a nonprofit organization can be viewed in terms of the various functions it performs to animate its mission. Some organizational functions are performed by specific teams or departments within the organization, while others may be outsourced to other organizations or firms. We discuss functions rather than management structure because organizational hierarchy and architecture vary widely from organization to organization whereas the core functions of a nonprofit organization take place and can be found in almost every nonprofit organization and NGO.
We look at program-related risk activities that can put organizations at risk in this chapter:
–Focusing on Mission. It’s very easy for the organization’s chartered mission to be sidetracked as funding opportunities emerge and as programs evolve.
–Providing Programming and Services. This is the core of the chapter and the heart and soul of nonprofit organizations.
–Serving the Public: Patrons, Audiences, and Clients. Dissatisfied users or customers present unique risks.
–Collaboration, Affiliation, and Working with Other Organizations. Few organizations can do everything on their own. Impact is often greater when organizations work together for a common cause, but collaboration carries its own risks.
–Planning for Sustainability, Growth, and the Future. Things always change, and a focus on how an organization will handle change or find opportunity in changes is one of the hallmarks of a nonprofit organization prepared for potential risks.
Focusing on Mission
All organizations have to focus on basic mission. For commercial organizations, this mission is generally centered on building value (often future value) or income (generally present value) for the organization’s shareholders. Focusing on a mission for a commercial organization is often part of its branding and its priorities are expected to change so long as it continues to produce value. For a nonprofit organization, the mission is enshrined in organizational documents, its culture and practices, and in the menu of services and programs it offers. A nonprofit’s mission is not about making money—its value is measured not in profit, but in its ability to produce a desired outcome and impact the people and community it serves.
Beyond that, the mission of a nonprofit organization is linked to its tax-exempt status, its funding, and other binding commitments. Deviation from mission can have serious financial repercussions. For a commercial organization, deviating from or changing its mission is more likely to be a matter between the organization and its customers, shareholders, and staff rather than a public matter.
Note: This is a very abbreviated discussion of the mission issues for both commercial and nonprofit organizations. For more information, consult the Charities Bureau in your state or region, the National Council of Nonprofits, or a legal advisor.
What to Watch For
One common risk for nonprofit organizations arises from their very status as nonprofits. The board members, directors, staff, clients, and public at large view the nonprofit as an organization dedicated to providing a public good rather than as an organization dedicated to a specific mission for the public good. One way in which this issue has arisen is in regard to real estate - historic buildings that are donated, owned or used under long-term leases. Take for example a stately home that has been left as a bequest to a local health clinic. The organization has been given an asset that forces it to confront the tension between the upkeep and maintenance needs of a century-old building, and its mission to providing health care to the community.
Bequests that establish organizations or that provide gifts to them often become entangled with the desire to preserve a historic structure that the organization owns. Can you run a modern health care clinic out of what was a merchant’s house from over a century ago? If the establishment or bequest results in the organization and its board being forced to manage a dual mission of real estate management and historic preservation and providing health care, then the board must consider the risks of the organization spreading itself too thin and make decisions that may be painful or controversial.
Frequently, the bequest or other funding is directed to the activity, such as health care, and the physical facility is provided to help advance that activity. One risk nonprofit organizations can face is their staff and connections having multiple community interests (such as healthcare and historic preservation), but unless all interests are balanced in the organizing documents, there may not be an easy answer to these challenges. Commercial organizations have it easier because they tend not to have missions in the same sense that nonprofit organizations do. (The issue does arise for commercial organizations, but it often has to do with zoning and land-use issues in conflict with activities, rather than a governing structure of the organization.)
Other areas to consider:
–Do you regularly review and revisit your organization’s mission and programming for alignment to see whether it reflects changes in the community served and from which it recruits staff and board?
–Does the wording of your mission statement reflect ideas and vocabulary that identify it as old school or no longer relevant? Conversely, is your mission focused on a future that does not yet exist and is hard to imagine?
Prevention
The most basic way of preventing mission-focused risks is to ensure that everyone—including the board, director, staff, and the public—understands the mission. Understanding the mission involves not only its focus and definition, but also how the organization’s mission and role differs from missions of other nonprofit, government and commercial organizations.
A second form of prevention is to establish an inventory of the governing documents, including procedures and bylaws as well as terms of gifts and bequests, to make sure they are understood. In the case of certain constraints, it may be appropriate to begin to take steps to make changes. For example, a cultural nonprofit formed by actors or musicians may, over time, evolve into an organization run by members of the public or fans of actors or musicians. This may happen without modifying the governing documents, which, nevertheless, may have strong legal force behind them.
Other issues to be reviewed are board membership constraints, in more general terms. For older institutions, there may be restrictions on residency, age, gender, or other characteristics of board members, which may need to be updated. At the same time, as this project goes on, you may also want to review general bylaws to see if they need modernization.
Mitigation
Note: Mitigation for an activity as a whole is not always possible or even necessary. However, you need to mitigate as much of the problem anywhere in the activity, just as you would any other general risk event. Where specific mitigation actions are available for an activity, they are listed in this book.
In an ideal world, your prevention efforts eliminate the need for mitigation, but we don’t live in that world. In the case of mission focus, this is particularly difficult because identifying inconsistencies between the founding legal focus of an organization and its current practice may uncover issues to be resolved, which may take time. Should such an issue be uncovered, make certain that there is a plan in place to resolve it in some way so that it doesn’t suddenly become front-page news.
As is often the case, deciding to keep something private—particularly in the nonprofit world—can just make things worse.
Providing Programming & Services
With the focus on the mission secure, you can turn your attention to the actual programming and services that your organization provides. Although the range of programming and services in nonprofit organizations is vast—from providing housing for the homeless to libraries, operas, and museums to the public—the risks involved in providing these services often have remarkable similarities.
What to Watch For
The basics of providing services are the same for commercial, government, and nonprofit organizations. Presumably, you have the basic best practices in place for your type of programming and services, including making certain that the offerings are consistent with the demand and that they are effective. Periodic reviews and surveys of both participants and non-participants, be they patients, customers, attendees, or staff, can help the organization know whether it is on the right track. Legal and grant-related recordkeeping is only a part of the data you need to collect. A one-time consultation (and subsequent action) based on modern principles of data science, statistics, and business analytics—somewhat overlapping terms for the basic concept—can help you understand the data that you need to collect and how to make it as useful and actionable as possible.
For most nonprofits, a key program metric is attendance and use of your offerings. In this case, you should be carefully maintaining records of use. You also should have records pertaining to the details of an event or use, including date, time, location, comments from participants, media reviews and articles, and records of providers and leaders.
The absence of attendance and vacancy data or records is a clear warning sign that there are likely other significant gaps in program operations or quality.
Here are some other areas to consider.
–Do you solicit feedback annually from users and attendees on their experiences, as well as non-users and non-attendees to understand why they don’t take advantage of these opportunities?
–Do you track media comments —including social media—coverage of your organization? This can include critical and inaccurate media coverage and negative stories, which can sully your reputation with clients, participants, and donors.
–Are your programs and services fully subscribed, or do you have no-shows, vacancies, or long waiting lists?
Prevention
An important prevention action for programming and services risks involves data collection. For all events and services, you should have a standard procedure to capture the details of the event in a database or spreadsheet. Management (board and staff) should agree on the data and protocols for its collection, storage, and retention. If you do not have these policies in place, it may take time to structure them. Depending on your organization, it may be worthwhile starting with the most obvious data and gradually refining it. The alternative—waiting until everything is “right”—may end up taking so much time that it never happens. Although the details differ by organization and type of service, the basics are:
–Type of service
–Date and time of use
–Provider/leader/talent
–Users/participants
–Revenue (both direct from fees, and from collateral sources such as food, souvenirs, and any revenue other than direct)
–Pre-, contemporaneous, and post-media reports and press releases
–Comments from users/participants, organizers, providers, and talent
You can create a spreadsheet or database with these headings. Spend some time going over it with your colleagues who may have more front-line experience than you do. Don’t worry about getting the initial reporting as perfect as possible: worry about getting the idea of reporting started. You can continue to review your reporting as time goes on, but if you wait until you have the perfect reporting instrument or database, you may never start collecting the data you need.
If you capture this data in multiple formats or systems, either consolidate the data or provide clear standards for sharing it. The data should be immediately available—if it takes two weeks to collect it from multiple spreadsheets and databases, it will be less useful.
Depending on your events and services, make sure you also keep track of important things that don’t happen, such as:
–No-shows
–Empty seats/slots/space
–Speaker/trainer/talent no-show, late arrival/departure
For services that are offered or provided over a period of time, you may need to keep track of no-shows and excess capacity on a weekly or location basis.
As you collect data on programming and services, make certain that your collection and maintenance procedures respect the privacy of individuals and the laws that govern your organization and its data. The balance that you strike may need a robust mechanism for allowing people to opt out of data collection, as well as the anonymization of personally identifiable information if laws, best practices, and your own policies permit that.
Perhaps the biggest risk involving programming and services is the risk that all organizations take in providing programming and services. Everything from snowstorms and hurricanes to transportation disruptions and parades can interrupt programming and services. The fact that you cannot control these external risks doesn’t mean that you shouldn't plan for them. Memory is a remarkable thing. We don’t often remember common things, but we do remember the exceptions (the hurricanes, the standing-room only crowd, and the like). Keeping track of utilization and incidents that interrupt attendance can help you to see how common these special events really are.
There are some areas that you should focus on that generally do not affect other types of organizations. Because nonprofit organizations often play a public role, you may be expected or required to provide programming and services whether they are used or not and whether they are funded or not. Reviewing the requirements to which you are subject and staying on top of changes that may affect the scope of your services is essential.
Serving the Public: Patrons, Audiences, and Clients
The people and communities that you serve are a key part of your organization’s structure and operations. They bring with them a variety of risks that you must prepare to handle.
What to Watch For
An organization that serves the public in any way has a variety of challenges to watch out for. Identifying the target population you serve helps to pinpoint the specific risks involved in doing so. Presumably, you know the public(s) that you serve, including their needs and characteristics. If your facilities and programming don’t meet user expectations, you will encounter problems with attendance, staff turnover, underused facilities. There are risks involved in mismatches, and they are particularly likely as there are changes either to the population served, the services provided, or the facilities.
Prevention
The larger and more diverse the public that you serve, the more opportunities there are for risks. Here are some of the risk challenges to watch for.
–Changes to your public, facilities or services can throw a well-balanced and organized operation off-kilter. Whenever changes occur, be certain that you review all patron or client-facing activities of the organization that are relevant to the public being served. In particular, watch out for the less visible parts of the organization. For example, an annual book discussion group in a library may rely on a meeting space that is quiet and accessible without steps, even though it is a once-yearly event that serves only a handful of people.
–When you are serving the public, you often are also dealing with other organizations and people, many of whom you do not control or serve directly. Keeping track of how the public, including those who are not currently members perceive your organization and its operations is essential, particularly in the age of social media.
–Be certain that you and the members of the public understand which parts of your interactions are confidential (sharing personal information or use of credit cards) and ensure that this confidentiality is enforced and data security rules are followed.
–Perhaps it is just an aspect of today’s world, or maybe it is more common in nonprofit organizations, but be aware that you may be interacting with members of the public who also play other roles within your organization. Board members may also be audience members or users of your other services, and, in fact, many consider it part of their responsibility to use your services. Ensuring that everyone has a clear understanding of which role a person is serving in at a given moment helps avoid conflicts.
–Depending on the organization, you may need formal terms of service and responsibility for the organization and the public.
Some questions to consider include:
–Do program staff members have the expertise needed to perform well?
–Do we review a set of criteria before applying for grants or opening new programs?
–Is our staff comfortable using our data management and reporting systems that track client information, services provided, outcomes, and that generates reports?
–Do all staff members receive required program and compliance training, regular supervision, and refreshers?
–Are all programs properly staffed and are there sufficient staff to meet the needs of the community served?
–Do we review activity, quality, performance, and outcome data regularly?
–Are all of our programs appropriately subscribed and all slots, seats, and beds filled?
–Is our staff vacancy and turnover rate comparable to other organizations doing similar work?
–Do we review incidents, quality, and performance monthly and develop remediation plans to correct issues that emerge?
Working with Other Organizations
Some nonprofit organizations are totally self-contained: they carry out their activities with their own resources (think of a basic science research facility). Others have greater or lesser degrees of public engagement and engagement with other nonprofit, commercial, and governmental organizations. In many cases, a collaborative project among multiple organizations is an effective and often necessary way of meeting a community need.
What to Watch For
One of the biggest risk areas occurs when a nonprofit works with a new partner organization for the first time. Affiliations, alliances, and partnerships take a bit of calibration on both sides to make them work properly and there are many places where risks emerge and lead to failure in communications or coordination or accountability.
Another area of risk is when the two organizations are distinctly different sizes and use different management structures. In other words, operational or organization differences among partners may also be a source of risk.
Here are some other areas to consider.
–Do program staff members from partner organizations have the expertise and training needed to perform well together?
–Are the two organizations’ staff vacancy and turnover rates comparable? As previously noted, this is a matter that should concern your own organization, but for collaborative endeavors, you should consider it in the context of two or more organizations individually and together.
Prevention
These are some practices to consider to prevent known risks.
–Make certain that there is clear, accurate, and timely communication about joint issues.
–Identify any differences in operations and policies that may come into play. These range from terms of payment and reimbursement (particularly paperwork, computer systems, and scheduling), to insurance covering people and facilities in joint ventures, to documenting differences and procedures for cooperation.
–Be sure that there are clear responsibilities for unexpected contingencies.
–Clarify who speaks for the project—whether it is one of the organizations or a joint responsibility.
–In any plans for joint responsibilities and operations, consider that they may need to be exercised quickly as unexpected issues arise.
–Plan from the start for termination and separation of the organizations.
–Don’t assume that data and data systems can integrate easily whether they are based on the same technologies or not.
Mitigation
If there are issues related to a joint venture, here are some of the mitigation strategies that may be useful.
–Have an incident reporting and communication process in place. Before multiple versions arise about what has happened, be certain that there is a single statement of events.
–Formalize and document communication and commitments. Reduce risk by keeping records and producing tracking reports.
Planning for Sustainability, Resizing, and the Future
It is not enough to plan for the present; every organization needs to plan for its future.
What to Watch For
In addition to the planning issues faced by all organizations, nonprofits deal with an additional set of unique challenges. Among issues to watch for are governance issues. In many ways, these are similar to governance issues of privately held businesses. The “founderitis” issue, in which either a founder or the initial founders of an organization have trouble actually leaving or passing the torch to their successors, is a common risk in nonprofits and should be anticipated and watched. Managing the transition to a second generation of management (either in terms of age or point of view) is a challenge many organizations face.
Likewise, long-term planning is not unique to nonprofits, but that planning often needs to include planning and multiple scenarios for the future of supporting organizations and client organizations. For example, many long-established cultural organizations today are confronting issues of an aging base of benefactors, audiences, clients, and workers and reduced funding and support from government.
Among the changes you can expect to encounter, remember that personnel matters will loom large. For many nonprofits the bulk of their spending is on personnel. Over time, some organizations founded by volunteers have become professionally staffed organizations. Credentials and salaries for employees may change to such an extent that staff or board may express the sentiment that “the soul of the organization” has been lost. Transitions of this kind and in fact transitions of any kind whether in leadership, branching out to new communities, adding new programs or changing recipient populations increase the potential for risk that can delay or divert attention from your new goals.
Prevention
These are some steps to take when planning for the future.
Scan the field to learn about new priorities or directional shifts by other nonprofit organizations, not just for guidance in scenario planning but for an indication of where your field may be headed. Use these observations to consider how your organization may have to adapt to fit into a changed environment.
Resizing means planning not only for growth but also for consolidation as well as restructuring. Making certain you stay true to mission and understand the difference between what your organization does and how it does it will avoid risk.
Look at sustainability not just in the environmental sense, but also in the sense of how your organization will change and thrive in the future. Libraries must plan for changes in a world of eBooks, and the changing services patrons expect.
–Sustainability also means considering what to do when an organization's goals are achieved either through the organization's efforts or through external actions. Life spans are increasing and many elderly people prefer to live at home. Long term care facilities need to consider the changing preferences of clients and their families.
–When it comes to societal changes (eBooks, social media, changing political priorities, and the like), have enough discussion at the C-level (the chief executive and other chief positions) and board to be able to decide in general and specific instances if you want to be a leader (early adopter), a laggard (“old fashioned”, perhaps), or in between. The organization’s culture plays an outsized role in accepting and adopting news ways of working. It is also a place where risk can live or be addressed. In addition, remember that an overall organizational approach to change often is complex. In certain areas, the appetite for change is much greater than in other areas of the organization.
–Don’t assume that everyone will appreciate every good thing you do. You should be proactive and pointing to the good work you do and prepared to acknowledge missteps soon after they occur. A communications plan and crisis communications apparatus should be an ongoing part of your overall social media, outreach and engagement and media monitoring activities. It is harder to disparage an organization that has documented, validated and communicated its good deeds and mistakes made through ratings, testimonials and satisfied service recipients.
Mitigation
If you encounter a risk event in this activity, as is the case with many of the events in this book, mitigate the adverse effects by following the preventive steps you've already taken. Even so, these issues need to be addressed.
–Try to anticipate and assess the impact of change in your programs and services as early and often as possible. An expected negative reaction and or cataclysmic threats often turn out to be less extreme in reality. Rather than deal with the generality of changes, examine the specific impacts that happen and may affect your organization.
–To mitigate the fallout from “soul of the organization lost” perceptions, look to any other type of organization in your field (not just nonprofits). These changes can have long-term and deep-seated consequences.
–Don’t assume that the world and your followers are watching and appreciating every good thing you do. You should be proactive and point to the good work you do and it should be an ongoing part of your social media campaign. It is harder to attack an organization that has created a verified wall of good deeds that can be enhanced by quotes, testimonials and so on.
Summary
As the most visible part of your organization, programming and services is an area where risks cluster and where one incident can turn into a crisis. In this chapter you see things to watch out for and steps to take to mitigation and manage problems.
Several steps to take to prevent problems recur in various contexts (not only in this chapter but throughout the book). Keep track of what happens (and doesn't happen) in a convenient and systematic way; relying on memory is a poor substitute for contemporaneous documentation.
Watch and listen to what happens and how your programming and services are received in the community. Make certain that you don't bias or prejudice your collection of comments about your work: search out general reactions as well as specifically searching for positive and negative responses.
In many ways, the programming and services your organization provides is all that people know about your organization.