Keine ArmutWeniger UngleichheitenNachhaltige Städte und GemeindenNachhaltiger Konsum und nachhaltige ProduktionMaßnahmen zum KlimaschutzLeben unter WasserLeben an LandFrieden, Gerechtigkeit und starke InstitutionenPartnerschaften zur Erreichung der ZieleKein HungerGesundheit und WohlergehenHochwertige BildungGeschlechtergleichheitSauberes Wasser und SanitäreinrichtungenBezahlbare und saubere EnergieMenschenwürdige Arbeit und WirtschaftswachstumIndustrie, Innovation und Infrastruktur Artboard 1

Opportunities and risks in 2022

GIZ’s constantly changing environment works in offers a wide range of opportunities in our fields of activity, but there are also risks. We are always mindful of both of these possibilities, looking ahead so that we can put countermeasures in place where necessary.

This enables us to ensure that we can achieve our objectives and deliver the services we agreed with our commissioning parties. In 2022, we focused in particular on the security situation in our countries of assignment and also on digitalisation and information security.

Security situation in our countries of assignment


  • Taking a proactive approach to security allows us to be flexible, yet highly accurate in implementing commissions even in fragile contexts.
  • We are constantly working to professionalise GIZ’s security risk management system, thereby boosting our competitiveness, especially in high-risk contexts.
  • We proactively evaluate crisis situations after the event and identify potential for improvement. This makes our security systems more resilient.


  • Increasing volatility in fragile assignment contexts makes it more difficult for us to implement commissions.
  • Violent conflicts, terrorism, more crime, natural disasters, etc. bring greater security risks for staff.
  • Growing political instability in some of our partner countries makes cooperation with local partners more complicated.
  • External dynamics require us to adjust our portfolio.


For GIZ, our duty of care towards all our staff is paramount. Members of the workforce who are seconded abroad attend specially designed safety training courses prior to their assignment; these courses are tailored to the security situation in the respective country. Our security risk advisors on the ground continuously analyse the security situation and give staff and the Corporate Security Unit regular updates. They work together to assess security risks, advise on how to mitigate them and implement comprehensive precautionary measures to ensure that staff are optimally prepared for crisis situations. Various counselling services are also available to provide psychosocial support in the event of a crisis.

Photo: A person typing on a laptop placed in front of her on her legs.

Digitalisation and information security


  • Technological developments and optimised digital solutions within GIZ make us more efficient and effective.
  • Digitalisation projects in the countries of assignment and the use of digital solutions within projects offer new opportunities for service delivery. These, along with other factors, help to achieve the UN Sustainable Development Goals (SDGs).
  • This makes GIZ more attractive as a service provider for existing and potential new clients, making us more competitive in the process.


  • The digital transformation is extremely dynamic in nature and characterised by rapid developments; it is impossible to make a detailed assessment of its impacts.
  • Both the quantity and the quality of professional cyberattacks are rising.
  • Gaps in IT can have serious consequences, such as financial and reputational damage.


In 2022, GIZ continued to focus on raising its staff’s awareness of IT risks and of the need to handle information responsibly and securely. We have also taken a big step towards our goal of establishing an Information Security Management System (ISMS) worldwide in line with the internationally recognised ISO 27001 standard – throughout Germany, we now need to meet the additional certification requirement called for under the German Federal Office for Information Security’s (BSI) IT-Grundschutz (Basic Protection) standard, which is based on ISO 27001. In 2022, GIZ was awarded BSI’s basic declaration of certification, successfully achieving a milestone toward global certification. But as technology, data protection and hackers continue to evolve, with their focus and approaches changing all the time, we will continue to enhance our information and IT security in future. A security-conscious organisational culture and a resilient security architecture play an essential role here.

Focus on sustainability risks

GIZ also monitors risks connected with sustainability issues, including the impacts of climate change. For example, extreme weather events such as flooding and droughts are on the increase in many of our countries of assignment. Rising sea levels, higher temperatures, land and forest degradation, biodiversity loss and desertification are having a detrimental effect on the lives of local people. All of these phenomena can severely restrict the opportunities for sustainable development in these countries and result in poverty there being further exacerbated. Furthermore, many of our countries of assignment have only limited opportunities for adapting to climate change. This makes climate change a risk both to the effectiveness of our projects and to the safety and security of our staff.

GIZ is implementing a great many diverse projects around the world with the aim of countering the negative impacts of climate change in our countries of assignment.

You can find out more on this topic here: Adapting to climate change

Consciously managing risks, averting damage

The objective of GIZ’s risk management system is to identify future risks and to manage them at the level at which they originate. This prevents us from missing targets or being unable to deliver services as agreed. The staff responsible must establish how likely it is that certain risks will become reality, and what potential damage they could cause.

With its risk management system, GIZ meets both the legal provisions and the requirements of different commissioning parties. It receives funds from the German federal budget, international organisations and other sources. In order to be able to use these funds efficiently to complete projects and achieve the objectives of these projects, the company has developed a risk management system that all managers are bound by. The system ensures that risks are handled systematically and consciously across the company, and is part of GIZ’s internal rules and regulations.

GIZ classifies risks according to the company’s own risk catalogue, and makes a distinction between security risks and operational and commercial risks, for example. The risk catalogue covers environmental, climate, social and sustainability issues (including human rights), as well as risks associated with corruption and other aspects of compliance.

A company-wide survey to identify any new risks and any changes to known risks is carried out every six months. The survey also asks what steps have been taken to manage risks. Irrespective of this survey, GIZ’s organisational units are free to report ad-hoc risks at any time. The results of the six-monthly risk survey are discussed by the Risk Management Committee (middle management) and the Risk Management Board (senior management and one member of the Management Board).

The Safeguards+Gender management system

When preparing and implementing international cooperation projects, it is important to make sure that the desired improvements in one area do not result in any unintentional deterioration in other areas. Effects of this sort are also termed unintended adverse impacts. In line with the precautionary principle, the projects of all commissioning parties that are planned within the framework of the Safeguards+Gender management system are checked at the preparatory stage for possible unintended adverse impacts with respect to:

  • The environment
  • Climate change (reduction of greenhouse gas emissions and adaptation to climate change)
  • Conflict and context sensitivity
  • Human rights
  • Gender equality

This allows us to detect risks at an early stage, identify appropriate management approaches, and integrate these into the project design. In the area of gender, the potential for promoting gender equality is also explored.

If the Safeguards+Gender management system identifies risks, they are handled by risk management at the project level. With the help of this system, a total of 278 project proposals were examined in 2022, and risk-mitigating modifications identified. A total of 16 projects were deemed to be in the top risk category, meaning that GIZ’s Management Board must approve the implementation of the project and that any development of the risks and modifications made in the course of project implementation are regularly examined. GIZ’s Safeguards+Gender management system thus serves both to enhance risk management and to ensure that projects achieve their objectives.

Ongoing development of the risk management system

GIZ refines its risk management system on an ongoing basis to ensure that it continues to operate effectively and to keep an eye on changing requirements inside and outside the company. One outcome was the creation and publication of a risk policy for GIZ.

In addition to this, formats, instruments and methods used to deal with and report risks are continuously revised. For example, an integrated risk management (IRM) software was purchased in 2022; it will be configured step-by-step before being piloted and introduced throughout the company in 2023.

  • Additional relevant information about GRI, the German Sustainability Code and the Global Compact can be found here

  • Learn more about opportunities and risks in GIZ’s Annual Statement of Accounts