Opportunities and risks

As a federal enterprise, GIZ has the responsibility to identify risks at an early stage, not to lose sight of these risks, and to steer its course accordingly. To help us, we have a risk management system which systematically records risks and devises appropriate risk management measures. It is also important to identify potential opportunities, so that these can be harnessed in our business, and so that we can underpin and enhance our competitiveness and performance. The following three issues that we addressed in 2020 give you an example of how we deal with opportunities and risks.

	COVID-19 pandemic	Security situation in our countries of assignment	Digitalisation and IT security
Opportunities	New areas in which GIZ can provide more services New impetus for international cooperation opportunities Fine-tuning the culture of safety and security within the company	Lessons learned by staff bringing greater understanding and knowledge Greater expertise in security and stabilisation Fine-tuning the culture of safety and security within the company	Organisational, process-related and technological development through optimisation and certification of digital solutions Greater efficiency, stability and competitiveness; enhanced ability to act and deliver Skipping development steps in digital solutions Greater flexibility in working hours and locations
Risks	Greater potential for escalation during crises Threat to staff safety, for instance due to limited evacuation options Weak health systems Risk of spreading pandemic due to a lack of care in our work	Security risks for staff due to conflicts and rising crime Destabilisation of society Reduced enforceability of human rights	Cyber-attacks becoming more professional while IT security fails to keep pace Risk of breaches of contracts or laws, financial loss, damage to reputation as a result of security vulnerabilities Changing demands in terms of professional skills
Measures	We have addressed the consequences of the COVID-19 pandemic with our company-wide security risk and crisis management system. Decisions were taken swiftly and flexibly. Differentiated communication and advisory services kept all staff and managers worldwide aware of the latest developments: how to deal with the virus, mobile working, commercial risks and health promotion measures. We are drawing on lessons learned from the past year to strengthen our crisis resilience across the company.	In our countries of assignment we operate a structured security risk management system, which is managed and planned in conjunction with the Corporate Security Unit. Our duty of care for our staff is our top priority. We respond to circumstances on the ground with precautionary measures, regular security risk analyses and security training for staff and country directors. Full-time security advisors, who regularly monitor the security situation in the partner countries and provide support during emergencies or crises, are vital for GIZ’s security risk management.	We have put in place an information management system that defines rules and methods for a holistic business and IT security management system. It builds on security measures that are relevant in terms of process, organisation and technology, with a view to enhancing the level of security throughout the organisation and countering IT security risks in an appropriate manner. Data protection measures and training in digital security are part of this.