Enterprise risk management plan for Greenpeace Norway
Master thesis
Submitted version
Permanent lenke
https://hdl.handle.net/11250/3030206Utgivelsesdato
2022Metadata
Vis full innførselSamlinger
Sammendrag
Greenpeace Norway is the Norwegian branch of one of the largest independent
environmental organisations in the world. The organisation has a common mission to work
towards protection of the environment and prevention of the climate crisis. This paper aims to
create an enterprise risk management plan for Greenpeace Norway, which at present has no
plan for risk management.
Mixed methods were used to gain a comprehensive understanding of relevant factors in order
to create a functional enterprise risk management plan. Primary data was collected through
three in-depth interviews with five participants and a questionnaire completed by 152
individuals. This allowed for the identification of risks and provided descriptive information on
individuals in the target population, such as on their awareness of the organisation, the
relevant market, donation habits, and more. Secondary data was collected from annual
reports for information on the financial status of Greenpeace Norway compared to similar
environmental organisations, and to supplement the primary data in the process of identifying
risks.
Forty-two relevant risks related to the day-to-day operations of Greenpeace Norway were
identified and assessed, and mitigation for each of these risks were suggested. Risks were
ranked and assessed according to whether they were internal or external and the likelihood,
impact, and vulnerability of the organisation to the risk. To make the enterprise risk
management plan as legible as possible for the end users, risk registers and risk mitigation
logs were divided into five departments: programming, fundraising, communication, IT, and all.
A final enterprise risk management plan that can stand alone is presented for the organisation
to follow, to thereby contribute to increased value for the organisation. Monitoring practices
and suggestions for implementation of the risk management to garner the support of staff and
volunteers and for the maintenance of consistent risk mitigation practices are also provided.