Section 8



1.1 The Charity Commission strongly recommends that charities have a clear risk management policy and process, with a structured approach to risk management that is appropriate for the Charity’s size and complexity.

1.2 As a charity working with older people, the Puddenecks face both general risks to the successful conduct of our work and particular risks to and from individuals or groups of individuals. The assessment and management of these risks is necessary for the protection and welfare of trustees, members, volunteers and service users.

1.3 The Charity must also stay aware of its responsibilities under relevant legislation. To that end, all the Charity’s policies and guidelines are reviewed on an annual basis to ensure they remain compliant with current legislation and best practice.

1.4 Risk management is everyone’s responsibility and, so far as is practicable trustees, members, volunteers and users should all be made aware of risks and how to reduce those risks.


Not all risks are equal and they may vary between different objectives, however, in considering risk the following areas need to covered:

2.1 Finance: Including reduction of funding; uncontrolled expenditure; unforeseen contingencies e.g. litigation.

2.2 Operational: Including the use of premises and facilities; health and safety issues; accessibility; food hygiene; security (see Operating Guidelines)

2.3 Reputational: Threats to the Puddenecks reputation through the acts or omissions of trustees, volunteers or users; bad publicity; misrepresentation; poor quality service; the disclosure of unauthorised information.

2.4 Compliance: negligence towards members or volunteers or in the provision of services; breach of law/regulations etc.

2.5 Information: loss, contamination or misuse of information (see GDPR Policy)

2.6 Governance: Trustee committee lacks relevant skills or commitment to fulfil role; failure to comply with agreed policies, procedures and legislation.(see Governance Policy)

2.7 Capacity: not having sufficient members or volunteers to meet objectives.

2.8 Guests: their health status, level of support needed, possible lack of interest in events (see Safeguarding Policy).


The trustees will ensure that a viable risk management process is in place taking account of the following:

3.1 Assessment / Information Gathering:

• Is there a risk involved in the situation or proposed action?

• What is the nature of the risk?

• How likely is it that it will happen?

• If it does how serious will it be?

• What are the positive reasons for taking the risk?

• What can be done to reduce or eliminate the risk?

• How many people are needed to deal with the situation and are they available?

• What are the contingency plans if things go wrong?

3.2 Judgement: Once the above has been considered an experienced trustee or group of trustees should be in a position to make a judgement about how to proceed. If there are doubts it may be of benefit to consult our insurers.

3.3 Decision: Once the decision is taken others who need to know should be informed and any contingency plans should be shared with them. Where necessary this should include our guests (eg explaining fire regulations when we are using a venue).

3.4 Evaluation: Even when all has gone well it is important to look at how things turned out and what factors may have affected the successful outcome. Information gained should be recorded and shared. When something has gone wrong it is essential to examine in detail what happened, to make recommendations for action to avoid something similar happening in future and to share these widely.

3.5 Insurance cover: the charity holds insurance that covers:

  • Staff liability: while we do not employ staff this covers the charity against injury to members or volunteers while helping with activities
  • Public and products liability (injury to the public, guests or damage to their property)
  • Trustees and Directors Indemnity (costs and damages caused by a Trustee, member or volunteer due to a wrongful act such as failing to carry out a duty or a breach of trust but not reckless action)
  • Legal costs or expenses agreed by Insurer

Personal property is excluded.


4.1 The importance of making a written or computer record of the above process in all cases of serious risk cannot be over-estimated. It may be necessary to prove later that risk was adequately considered. Much of this is detailed in the relevant section of the Constitution, but records will include:

  • Risk Assessment forms being completed for all events and activities
  • Trustee Committee and Sub-committee minutes and papers
  • incident reports and log book
  • Financial records

4.2 If the possibility of serious risk has been considered this should always be recorded.

4.3 In making and keeping records the requirements of the Data Protection and Freedom of Information Acts must be observed (see our GDPR policy). Guests have the right to request access to any information we hold about them.


This is an essential part of managing and reducing risk. Information must be shared with the Trustee’s Committee so they are assured that the risk management process is working and so they can review and learn from the risk assessments that have been made. To that end, risk management will be a standing item on the Committee’s agenda.


As recommended by the Charity Commission the Annual Report will include a Risk Management Statement including:

  • an acknowledgement of the trustees’ responsibility to identify, assess and manage risks
  • an overview of our charity’s process for identifying risks
  • an indication that major risks have been reviewed or assessed
  • confirmation of the systems and processes set up to manage risks

Bryan Harrison                                                                                

Last reviewed: February 2024