Consciously managing risks, averting damage
The objective of GIZ’s risk management system is to identify future risks and to manage them at the level at which they originate. This prevents us from missing targets or being unable to deliver services as agreed. The staff responsible must establish how likely it is that certain risks will become reality, and what potential damage they could cause.
With its risk management system, GIZ meets both the legal provisions and the requirements of different commissioning parties. It receives funds from the German federal budget, international organisations and other sources. In order to be able to use these funds efficiently to complete projects and achieve the objectives of these projects, the company has developed a risk management system that all managers are bound by. The system ensures that risks are handled systematically and consciously across the company, and is part of GIZ’s internal rules and regulations.
GIZ classifies risks according to the company’s own risk catalogue, and makes a distinction between security risks and operational and commercial risks, for example. The risk catalogue covers environmental, climate, social and sustainability issues (including human rights), as well as risks associated with corruption and other aspects of compliance.
A company-wide survey to identify any new risks and any changes to known risks is carried out every six months. The survey also asks what steps have been taken to manage risks. Irrespective of this survey, GIZ’s organisational units are free to report ad-hoc risks at any time. The results of the six-monthly risk survey are discussed by the Risk Management Committee (middle management) and the Risk Management Board (senior management and one member of the Management Board).