Managing risk: An infographic and guide for public leaders

Risk management is central to the mission of public boards and councils. Charged with upholding the public trust, these bodies must continuously anticipate, respond to, and mitigate threats. From cybersecurity threats to economic shifts, public entities must be ready not only for the risks they expect, but also for those they haven’t imagined.

As Chad Bledsoe, President of Montgomery Community College, puts it: “Ultimately, the board has the responsibility of ensuring that the institution is meeting its mission. And that can't be done if there's not adequate oversight of financial resources of the risk that we all take on whenever we talk about providing services, equipment, training, employing teachers, all of that area.”

Why risk management matters for public entities

Local and regional governments in the US had collective expenditures of $2.5 trillion in 2022. That scale of responsibility creates a tempting target for both cybercriminals and opportunists. Boards and councils must not only protect vital resources but earn — and maintain — the trust of their communities.

One of the fastest-evolving threats is cybercrime. Cities and school districts, for example, have emerged as prime targets. In 2024, a ransomware attack in Columbus, Ohio, compromised the data of 500,000 people. And as “Ransomware as a Service” models proliferate, attackers are becoming more specialized and sophisticated.

Eight key risk areas for public boards and councils

Clear, proactive governance requires an understanding of the wide array of risks facing public entities today. The most common risk categories include:

1. Cybersecurity, from hacks to ransomware
2. Federal policy changes impacting funding and regulations
3. Financial challenges: rising costs and fraud
4. Social and economic instability
5. Public health crises
6. Reputation and public trust issues
7. Labor and human resources concerns
8. Environmental challenges

Margaret Corbett, Deputy City Clerk, City of Niagara Falls, Ontario, suggests linking risk and harm, “From a financial standpoint, it's linking those concepts: How are we mitigating the potential harm if we're not acting in a responsible manner? We must ensure that we're working together to support each other appropriately for the overall benefit of the citizens here in the city.”

You can also download the infographic in pdf format here.

Actionable steps to minimize risk

How can public-facing boards mitigate these risks? Consider implementing practical, repeatable steps such as:

• Offering risk education for board and council members
• Establishing dedicated risk committees
• Reviewing key areas of risk and their potential impact
• Including risk updates in every meeting agenda
• Securing digital resources with managed access
• Bolstering transparency with their communities

As Scott Bridgen, General Manager, Audit and Risk Division at Diligent, explains:

“If we can demonstrate as organizations that we are allocating funds in the correct way, that we are gaining that trust and, more importantly, delivering and executing on the objectives and outcomes, it's easier to justify additional spend and conversations. At the end of the period... it makes having those conversations much easier going into the next financial year.”

Where to find expert help

No council or board needs to tackle risk alone. Trusted resources include:

• State associations
• Municipal leagues
• Risk management pools and insurers
• FEMA
• Trusted partners like Diligent

How governance technology supports risk oversight

Secure, modern governance technology plays a growing role in helping public bodies manage risk and drive transparency. With solutions like Diligent Community, entities benefit from:

• 256-bit AES encryption — meeting FIPS 140-2 standards for data protection
• Permission-based access to critical information
• Integrated video conferencing and public website for true transparency
• A secure, central document library for important reports and records
• Access (for Diligent Community users on the Diligent One Platform) to tools like Diligent AI Risk Essentials, powering AI benchmarking and education resources

Let's dive deeper

A well-trained board can be the difference your district needs. Here are more resources to support and upskill your board:

• Our guide Staying on top of finances and risk: Practical tips for public-facing boards is full of expert advice and practical tips from seasoned professionals.
• The cheat sheet The 5 essentials of financial oversight: A cheat sheet for public sector leaders is packed with actionable tips and strategies to guide you in streamlining board operations and fostering strong alignment.
• Watch our webinar Smart oversight: Proactive budget risk defense for school districts & local government for an informative panel discussion about financial and risk oversight.

Diligent Community, part of the Diligent One Platform, is a robust digital solution that ensures that board members have access to the information they need, anytime, anywhere. It also helps boards remain compliant with laws and regulations, while improving engagement and alignment. Talk to one of our governance specialists today to find out how we can help your public board with risk management.