School leaders speak: Expert advice on managing risk in public education
Strong risk oversight has become one of the most essential responsibilities of today’s school boards and superintendents. Managing risk in education goes beyond compliance and insurance policies; it’s about safeguarding the conditions that allow students to learn and teachers to thrive. It requires coordination, communication and a commitment to seeing potential challenges before they become full-blown crises.
To understand how school districts can build that kind of resilience, we spoke with two leaders on the front lines of educational governance: Dr. Gabriel Trujillo, Superintendent of Tucson Unified School District, and Nathan Mains, CEO of the Pennsylvania School Boards Association. Both bring unique perspectives on how proactive oversight helps districts anticipate risk, strengthen decision-making and keep the focus where it belongs: on students and their success.
What is risk oversight in the context of school boards?
Risk oversight has a strong presence in the corporate world but also must be a central part of school governance. Both Trujillo and Mains sketched out the responsibilities of school boards in this key area.
Trujillo defines it as “lessening the probability or the possibility of physical or emotional injury to students or staff, and then also simultaneously lessening or minimizing the possibility of formal legal action in the form of litigation because of injury to student or staff.”
He continues that risk management includes creating structures, policies and processes that minimize the possibility of financial malfeasance or criminal misconduct.
For Mains, it’s a comprehensive term that reflects the school board’s responsibility to all levels of their district: “School boards, of course, are responsible for oversight of their local district, but they need to take a deeper dive and be well-informed, get ahead of the curve and look at what the prospective risks are. Identify those (risks) and provide the resources and the support so that the folks that operate the district day-to-day — the school superintendents, the principals — are able to better manage and better see those things coming around the bend.”
Why risk oversight matters for school boards
“When you look at the service that we provide from the time students walk into a building to the time that they leave us,” Trujillo says, “all day is filled with possibilities of risk. What are the structures and the teams and the processes that you put in place to manage that risk?”
Communities are entrusting their children to the local schools, and they are relying on leaders to ensure that undue risk is minimized, from classroom to playground to cafeteria and beyond. And beyond physical safety, local citizens want to know financial resources are being protected, including budget dollars, facilities, equipment and more. Poor risk management can lead to litigation, financial loss and reputational damage.
In one example, Trujillo points to risk mitigation around transportation, noting, “It could be anything from cameras on our school buses or the placement of monitors on our school buses, right? That's called risk mitigation. It could be the careful consideration of where you put bus stops. This is why we don't put bus stops on major thoroughfares. We put them into the neighborhoods where buses have to pull off. That's risk mitigation.”
Key areas of risk for school boards
Thinking like a risk manager can be a significant change for a new board member, or one serving on a board that has not previously prioritized risk oversight. Risk categories can include the following:
- Physical safety: Transportation, facilities, student behavior
- Financial oversight: Budget management, fundraising, procurement
- Cybersecurity: Increasing threats and the need for data protection
- Compliance: Navigating local, state and federal regulations
Mains describes the revelation that hits board leaders, saying, “You could be a parent that's passionate about athletics. And so you're coming in to make sure that the district's addressing the needs there correctly. Once you get to the table, you're going to be confronted, if you're not already aware, with (it being) a much bigger, more comprehensive role. The job is not down in the weeds the way that the public may think. It is much more of a position of looking broadly at the district, understanding the great challenges and the opportunities that are there.
“And then (you’re) thinking a little more long-term about, ‘What are the risks if we go this way?’”
Trujillo itemizes the many aspects of financial risk: “You are an organization that deals with hundreds of millions of dollars of taxpayer money. So, there's financial risk involved, right? There's cash handling going on at schools every single day, whether it's the local PTA fundraiser, selling water before the football game or the softball team selling candy because they're trying to raise money for the team's Disneyland trip.
For more on financial risk oversight, Diligent offers a cheat sheet for public education leaders as well as an in-depth guide to mastering financial oversight.
Outsmart financial surprises
Download this free step-by-step playbook for elected officials and public administrators navigating risk, regulation and responsibility
Get the guideStrategies for effective risk oversight
For boards new to risk oversight or taking a new look at integrating this effort, there are key strategies to adopt.
- Set transparent, accessible and enforceable policies
- Use scenario planning such as cyberattack simulations and safety drills
- Adopt consistent training and education schedules, leveraging school board associations and institutes
- Make use of technology like board management software for transparency and compliance
- Establish committees to support the board’s work.
On the last point, committees such as those for audit and bond oversight can be effective strategies for many boards. Trujillo describes these committees and the roles they play in his district. He explains, “Our school board has set a policy that we have an audit committee made up of members of the public that are appointed by the board that the administration meets with every single month. The audit committee reviews our financials and also any complaints that come in from the community that allege that one of our employees has a financial conflict of interest.”
He adds, “In the case of our $480 million capital bond that the voters approved, it's $480 million for facilities, renovations and upgrades. Our board didn't just want the administration running point on all this money. So, they called for the creation of a bond oversight committee that oversees all of the procurement and all of our engagement with vendors. They review our proposed expenditures to make sure that they are aligned to what the voters approved. It's publicly accessible, it's transparent and it holds the administration accountable.”
Building a culture of risk awareness
The first step to building a culture of risk awareness may surprise you. Mains describes it as simply developing board relationships, with “a recognition that we're not always going to agree. You've got nine unique individuals there, but if you can, get beyond ‘let's agree to disagree.’ Let's take up this issue. And I want to understand where you are, and you want to understand where I am. If we can arrive at an appreciation that we're not always going to be in the same place, it fosters more trust, and that greater sense of trust and collaboration will get you further when the tough issues really hit.
“So, I think that's vital to figure out a way to open up those communication channels and bond as a board.”
As noted earlier, scenario planning also can help with getting board members in the right frame of mind, and real-world scenarios can be particularly effective. There are many real-world stories to pull from. When studying these stories, board leaders can frame risk mitigation as a commitment to student safety and community trust.
Another piece Mains encourages is “staying well-informed of everything that's happening around you, because you're going to have an easier time recognizing those prospective risks on the horizon if you're staying connected.” Strategies for staying informed could include following state-association messaging and conversations, attending conferences and reading on subjects that extend beyond education, to technology, community development and other issues that may affect schools.
Transparency and community engagement.
Trujillo describes how his district uses a board management solution to strengthen its relationship with the community: "Transparency is the strongest aspect of it. When you look at our accountability structures like a bond oversight committee and audit committee, they're using Diligent to share agendas, meeting minutes and other key information direct to the community. If a community member thinks that we are favoring one vendor over another on a project at one of our high schools that was approved through the bond project or the bond program, they can actually go on our board management solution and they can look at the meeting in which bond oversight committee reviewed the vendor quotes and looked at the procurement timeline. That's the magic, right? That's what keeps people's confidence in the school board.”
The right board management solution will balance this transparency with security and privacy elements that keep the district’s sensitive data safe.
If you’re behind on risk oversight
If your board is lagging on risk oversight efforts, take comfort that you are not alone, but it is time to act. Trujillo advises, “Be transparent and be honest with your school board. If you're talking about administration, if you're a new superintendent and a new CFO, and you see that there is a total and complete lack of effective financial controls, have a conversation — like yesterday — with your school board. You can do it in executive session with your general counsel in attendance.”
It’s time to start auditing and asking for help. “School boards are made up of regular people who want to do right and understand that school districts aren't perfect,” Trujillo says. “Take that opportunity to be honest with them and say, ‘Let's put some effective financial controls in together. Let's go get an expert. Let's do an audit. Let's take this out into the public and frame it as a growth area. Hey, listen, we have concerns.’ We view it as a district growth area. We want to have strong financial controls.”
Last, no matter where your board is in the process, frame gaps in risk oversight as growth opportunities, not failures. By shifting the mindset from blame to improvement, boards can foster a culture of accountability and continuous progress.
The big picture of risk oversight
Mains offers this observation: “Information is king. Relationships are second. If you've got strong relationships up and down the organization, you're going to get the right information. It's going to make your lives a lot easier.”
Trujillo emphasizes the transparent financial oversight structures that have worked for his district, but also the human aspect, saying, “We're about keeping who parents love most in this life safe when they're with us. Because parents trust us with who they love most in this life for about eight hours a day. And if we're doing everything that we can to keep them safe, that in and of itself is risk mitigation.”
Risk oversight is a shared responsibility that strengthens governance and community trust.
Diligent Community for risk-aware governance
Effective risk oversight starts with access to the right information, securely, efficiently and in one place. Diligent Community is a cloud-based board management platform built for the public sector, with secure servers and 256-bit encryption to protect school districts’ most confidential data.
It’s centralized, secure and streamlined, with one hub for all materials. Store agendas, minutes and financial reports in a single, searchable document library — no more digging through emails or shared drives. Compliance and transparency functions are built-in, supporting open meeting laws and strengthening community trust by making decisions and oversight activities easy to access. By keeping discussions and document sharing within the platform, boards reduce risks associated with email or unsecured channels.
Other Diligent Community features include:
- Livestream Manager: Broadcast meetings directly to your district’s public governance site with high-quality video, split-screen agendas and time-stamped recordings, making transparency simple.
- Policy Publisher: Digitally manage the entire policy lifecycle with version control, auditable history timelines, adoption voting and one-click publication to your online handbook.
- Committee Manager: Create dedicated, secure spaces for risk or finance committees with customizable permissions and approval workflows.
- Diligent AI Risk Essentials: Use this AI-powered tool that benchmarks risk data and helps leaders spot emerging issues before they escalate. It also offers guided onboarding and access to the Diligent Institute’s new ERM Certification, supporting ongoing education and governance excellence.
With Diligent Community, your board can simplify oversight, strengthen public trust and stay ready for whatever comes next. Request a demo to learn more about how Diligent can support your district’s risk oversight.
