As rapid political, economic, and social shifts reshape the nonprofit landscape, organizations are reimagining their approaches to risk management and resilience. New research from March 2025 reveals that 40% of nonprofits have already been impacted by changes in funding, with 60% anticipating such challenges in the near future.
From standing up full Enterprise Risk Management (ERM) programs to making small adjustments that facilitate a culture of resilience, many forward-thinking organizations in the nonprofit space have reframed political and economic headwinds as an opportunity to strengthen their preparedness plans. During Grassi’s recent webinar, “Risk Management for Nonprofits: Building a Resilient Organization”, industry experts David Rottkamp, Hassan Khan, and Bryan Fryer shared practical insights for facilitating a culture of resilience during uncertain times.
According to our Grassi experts, here are ten ways that nonprofits can reframe change as opportunities to strengthen their resilience and risk responses:
1. Proactively Monitor Policy Changes
Staying informed about shifting political landscapes at the local, state, and federal levels is more than simply “watching and waiting.” Analyze how these changes impact your state and country, as well as the specific communities you serve. You can start simply by checking weekly updates from the National Council of Nonprofits to identify trends and anticipate needs before they become critical issues.
Examine the immediate and long-term impacts of executive orders and funding shifts and develop actionable plans to protect existing funding or identify alternative resources if government support diminishes.
2. Invest in Cybersecurity Resources
Smaller organizations may be more susceptible to cyber-attacks, due to more limited security resources and expertise. Rapid AI developments from the past five years have introduced additional complexity—as organizations upskill their AI capabilities at pace, so do malicious entities.
Consider engaging a dedicated resource, such as a fractional CIO/CISO or a managed service provider, to create and implement a security roadmap, stay abreast of emerging cybersecurity trends, and establish protocols for continually identifying and responding to threats.
3. Make Your Cash Flow Work for You
An organization’s cash flow structure should support real-time decision-making to support urgent needs when it matters most. Going beyond basic Excel spreadsheets and sporadic financial reviews, you can invest in specialized cash flow management to roadmap protective planning strategies and create more visibility into the future, even when funding might fluctuate.
4. Engage A Diverse Board
Does your board composition reflect a variety of expertise? When board members possess diverse expertise in technology, marketing, and community representation, it will be easier to identify blind spots for risk and connect your organization to community networks.
Establish specialized committees, such as a technology steering committee, to focus on emerging risks and opportunities. Create clear communication channels between management and the board and use storytelling and data visualization techniques to ensure your messages are not only heard but also understood.
5. Leverage No-Cost or Low-Cost Tools
By implementing simple, low-cost tools, your team can reduce time spent on administrative tasks and redirect valuable hours toward fulfilling your organization’s mission. Free and affordable data and analytics tools like Power BI or Google Analytics can help you aggregate important information and tell stories to stakeholders in meaningful ways. Or, for an affordable, added layer of cyber protection, consider cost-effective solutions like Microsoft Defender for Business or CloudFare.
Utilize cost-effective fundraising tools, such as FundRaiser or GiveButter, to streamline donor management and fundraising campaigns or connect with pro bono services like DataKind that can match your nonprofit with skilled volunteer analysts.
6. Adopt a Phased Approach to Enterprise Risk Management
Instead of attempting to implement an enterprise-wide program at once, begin your ERM journey by focusing on two or three priority risk areas, like cybersecurity, insurance coverage, or crisis planning. As Nonprofit Advisory Practice Partner Bryan Fryer advises, “Your first go-around doesn’t have to be some all-encompassing project. Focus on some priority areas that you have specific to your organization.”
Additionally, you can leverage early successes and lessons learned to drive momentum for future initiatives and lay the groundwork for a cross-functional, organization-wide risk management culture.
7. Collaborate Across the C-Suite
Nonprofit CFOs should take a leading role in technology strategy. Technology Consulting Partner Hassan Khan notes, “The biggest trend over the last few years has been the CFO taking on and undertaking technology.”
Align finance and IT priorities by developing joint risk management plans that identify overlapping vulnerabilities, collaborating on technology budgeting, and assessing ROI together.
8. Develop Multiple Funding Scenarios
Instead of fretting over “what-ifs”, your organization can create streamlined scenario planning models that focus on realistic possibilities. Tie scenarios to concrete financial metrics—like cash reserves or workforce retention—and develop specific, actionable plans based on them.
With clear funding contingency plans in place, your leadership can make decisions with confidence and maintain focus on your mission even during periods of financial uncertainty.
9. Create Strength in Community
“Don’t be afraid to get assistance from the other nonprofits in your community,” says Fryer. “Don’t be afraid to benchmark and coordinate with them.”
Are there like-minded organizations, partnerships, or professional networks that your organization can lean on to share resources and collaborate? Nonprofits with similar missions can develop joint advocacy initiatives to share expertise and respond to external pressures together.
10. Embrace Flexible Workforce Models
How can your team maximize time spent on high-value, mission-critical activities, regardless of their work schedules or locations?
Where workforce expectations are changing and adapting, create efficient work environments where staff can be productive during limited hours or flexible environments and accommodate part-time, remote, and fractional staffing arrangements. Implement digital collaboration tools like Slack, Zoom, and Asana to reduce administrative burdens and allow your team to focus on the high-priority activities of your meaningful work.
When nonprofits build stronger risk management frameworks, they can spend less time responding to the complex risks of today, and more time advancing their vital missions. Our team at Grassi can help your organization navigate uncertainty and implement practical risk management strategies tailored to your needs. For more insights from our Grassi experts, see our Upcoming Webinars & Events.
Contact us to connect with our nonprofit advisory team and discuss how we can support your risk management initiatives.
