The Components of a Library Risk Management Program

July 23, 2018

Natural disasters and man-made threats can take place at any time, without warning, devastating everything within arm’s reach. Being prepared for anything from floods to electrical storms to fires is the first step towards ensuring that a library is ready to take on these disasters and others.

Libraries and other municipal buildings may be lacking a comprehensive risk management program unless they’ve been through a disaster before. Having library insurance intact as well as a well-prepared risk management plan are ways to protect against any threat.

Developing a Plan

Libraries should have a fundamental approach to developing a risk management plan. There should be a risk project manager in place to own the plan and regularly check up on it to make sure everything is up-to-date. Here are some things to look for when crafting a rounded-out plan:

Roles and Responsibilities

Each plan should have leading and supporting roles involved as mentioned above. The project manager typically has overall responsibility when it comes to risk management. But if the team is large enough then delegating can be considered for other employees. Third-party risk management teams could also be able to perform more independent risk analyses of a project than those from sponsoring the project team.


Libraries should discuss their budget for risk management for the project. If a project manager doesn’t necessarily know how much in the budget can be set aside for a new plan then simply outlining the process that they will use to determine a risk management budget estimate will do.


Timing has to do with the initial risk assessment that will be performed, as well as how often the risk management process will be conducted throughout a life cycle.


This is a level that helps to understand how a library can determine which risks are important enough to act upon. There may be different opinions among the members involved as to what the threshold should be, but this should be discussed at length to know what all is being taken into account.

Tracking and Auditing

A risk management plan should also consist of the opportunity to document how all facets of risk activities will be recorded for the benefit of the current project. Also, future needs and lessons learned should be documented to keep everyone abreast of how the entire system can be kept fresh. Finally, risk management plans should describe if and how risk processes will be audited.

About Regan Agency, Inc.

For over 35 years, the family-owned Regan Agency has served the risk management and insurance needs of Tri-State residents and businesses. We offer a broad spectrum of insurance products for businesses as well as to individuals, and use of the latest in technology enable us to handle the complexity of large multinational risks while also meeting the personal insurance needs of our neighbors. To learn more about how we can take care of your business and personal insurance needs, give us a call at (631) 669-3434 to speak with one of our professionals.