RISK CATEGORIES AND RISK EXAMPLES

The matrix below outlines the four main risk categories and examples of typical sub-
categories and risks. Use the matrix as a guide in helping you to identify relevant risks
when conducting a risk assessment.
In a strategic risk assessment you should mainly focus on the risk category “strategic
risks”. However, you should also focus on “reporting risks” and “compliance risks”
since these risks might have an impact on the achievement of strategic objectives.
In an operational risk assessment you mainly focus on the risk category “operational
risks”. However, you should also focus on “reporting risks” and “compliance risks”
since these risks might have an impact also on the achievement of operational
objectives.

The examples must not be seen as fully comprehensive covering all possible risks
that can occur since the reality is most often not limited to those examples only.
Probably many of the risks presented are relevant and some might not be so relevant.
However, you should have your eyes open also for other risks.

STRATEGIC RISKS
Definition: Risks that relates to our mission, strategic direction and fulfillment of
our strategic objectives.
Sub-categories Description Example of potential risks
Political factors Risks related to political • Suppression of freedom of
decisions, intentions or trends expression
that have the possibility to • Violation of human rights
negatively affect our strategic • Suppression of civil society
directions and objectives. organizations
• State confiscation of
resources
• Corruption
• Bureaucracy
• Political instability
• Changed Swedish foreign
policy and aid policy

1
Economical Risks related to macro- • Increased taxes
factors (macro) economic trends, scenarios or • Rapidly increasing inflation
events that have the possibility • Rapid economic downturn
to negatively affect our •Rapid currency variations
strategic directions and •Changing interest rates
objectives. •Price fluctuations
•Corruption
Socio-cultural Risks related to socio-cultural • Weak perception of security
factors phenomena or changes in the and safety
society that have the possibility • Negative perception of
to negatively affect our equality and diversity
strategic directions and • Cultural taboos
objectives. • Violation of human rights
Technological Risks related to technological • Insufficient communication
factors development trends, scenarios infrastructure
or events that have the • Insufficient transportation
possibility to negatively affect infrastructure
our strategic directions and
objectives.
Environmental Risks related to environmental • Earthquake, landslides
factors aspects that have the • Flooding, tsunami
possibility to negatively affect • Extreme weather conditions
our strategic directions and • Drought
objectives. • Pollution
Legal factors Risks related to changes in • Changing legislation limiting
legislation that have the foreign NGO's ability to
possibility to negatively affect operate in the country
our position and strategic • Changing legislation
ambitions. violating human rights
• Changed labour law
• Changed tax legislation
related to private and
institutional donations
Industry Risks related to changes or • Changing theories related to
trends with regards to effective development
development cooperation, aid, cooperation and sustainable
and theories of change that development
might affect our position and
strategic ambitions.
2
Competitive Risks related to changes or • Increased competition of
factors trends with regards to funds
competition in between • Decreased collaboration
development cooperation
organizations with the
possibility to negatively affect
our strategic directions and
objectives.
Staff resources Risks related to the availability • Lack of required staff
of staff resources required to resources
achieve the strategic • Loss of required staff
objectives. resources
Know-how and Risks related to know-how and • Lack of adequate know-how
innovation innovation abilities required to • Insufficient ability to keep
achieve the strategic up with trends and
objectives. developments
• Loss of key personnel
Financing Risks related to our abilities to • Decreasing private donations
finance our activities in order • Decreasing donations/funds
to achieve the strategic from
objectives. institutions/organizations
• Weak fundraising capacity
• Loss of members
• Weak recruitment of new
members

Product Risks related to the product • Failure to follow customer

(Fair Trade) portfolio that might negatively preferences and needs
affect the strategic ambitions. • Insufficient product
development capacities

Partners and other Risks related to partners or • Corruption, fraud, misuse of

collaborators other collaborators that might funds or other resources
negatively affect the strategic • Weak ethics and
ambitions. inappropriate conduct
• Spreading of false rumours

3
Negative Risks related to side-effects • Exposing our target group
sideeffect of our on people or environment or others to severe
interventions caused by the strategic threats/incidents
intentions and interventions. • Worsen the situation for the
stakeholders of the
intervention
• Damaging the environment
Communication Risks related to • No, misleading or faulty
communication activities, or communication leading to
the lack thereof, that can badwill
negatively affect the strategic
ambitions.
Physical/technical Risks related to the availability • Lack of required resources
resources of physical/technical • Loss of critical resources
resources as required to • Weak adaptation to
succeed in our strategic technological development
ambitions and to achieve the
strategic objectives?

OPERATIONAL RISKS
Definition: The risk of loss of resources, injuries or damage on resources, or
disruption of operations resulting from inadequate or failed internal processes,
people, and systems, or from external events, that might negatively affect the
operational performance and achievement of operational objectives.
Sub-categories Description Example of potential risks
Severe hazards Risks related to severe hazards • Earthquake, landslides
that might negatively affect our • Flooding, tsunami
operations, staff and • Extreme weather conditions
participants, and other • Pollution
resources? • War, terrorism, unrest
• Epidemics
Human Risks related to loss or lack of • Dissatisfaction, lack of
Resources staff and qualified competence. motivation
This often includes risks • Resignation of critical staff
related to motivation, • Sickness, disease
satisfaction, safety and • Accident
security. • Casualty
• Kidnapping, robbery, assault

4
Financial Risks related to loss or lack of • Lack of financial capacity
Resources financial resources. • Liquidity problems
• Increased prices and taxes
• Currency or interest
fluctuation
• Absent or delayed payments
• Loss due to fraud,
corruption or theft
Information Risks related to confidentiality, • Loss of sensitive information
Resources availability and integrity of to unauthorized persons
information and information • Critical information
resources. unavailable for authorized
persons
• Unauthorized manipulation
of critical information/data
IT & Risks related to the availability • Technical failure or damage
Communication and functionality of critical • Unauthorized manipulation
Resources resources required in our of system settings
operations to achieve our • Theft
objectives. • Virus or other cyber attack
Property and Risks related to the availability • Fire
Facility and functionality of other • Water damage
Resources properties and facility • Burglary, vandalism,
resources required in our damages
operations to achieve our • Contractual issues
objectives. • Technical failure
Services and Risks related to our • Lack/loss of electricity, gas,
Supplies dependencies on external oil, water
services and supplies as we are • Contractual issues
dependent on for the • Quality issues
operational performance?
Supply chain Risks related to meeting • Products not delivered
(Fair Trade) customer expectations on • Product delivery delayed
product delivery.
Sales Risks related to meeting • Decreasing sales
(Fair Trade) customer demands and • Sales not meeting the
expected sales outcome. expected outcome
(prognosis/sales budget)

5
Efficiency and Risks related to management, • Deficiencies in planning,
quality policies, processes, monitoring, evaluation and
methodologies as critical to reporting of interventions
meet our ambitions and and use of funds
stakeholder requirements on • Deficiencies in
effectiveness, administration, implementation of
PMER, and internal control. interventions/activities

REPORTING RISKS
Definition: Risks related to the accuracy and reliability of financial and narrative
reports.
Sub-categories Description Example of potential risks
Financial Risks related to the accuracy • Late financial reports
reporting and reliability of financial • Inaccurate financial reports
reports.
Narrative Risks related to the accuracy • Late narrative reports
reporting and reliability of narrative • Inaccurate financial reports
reports

COMPLIANCE RISKS
Definition: Risks related to compliance, or non-compliance, with applicable laws,
stakeholder requirements, internal rules, procedures and internal control practices,
or standards and best practices to which we have committed.
Sub-categories Description Example of potential risks
Legislation and Risks related to the Breach of law leading to
regulations compliance, or non- fines, imprisonment, bad will
compliance, with applicable
laws and regulations.
Contracts and Risks related to the Breach of contract leading
agreements compliance, or non- to disputes, fines, and bad
compliance, with applicable will
contracts and agreements.
External Risks related to the Non-compliance with
stakeholder compliance, or non- stakeholder requirements,
requirements compliance, with applicable e.g. Sida and Forum Syd,
stakeholder requirements.

6
 leading to bad-will and/or
lost contract/support

Standards and Risks related to the Non-compliance with

best practices compliance, or non- standards or best practices to
compliance, with applicable which we have committed
standards and best practices to leading to badwill and/or
which we have committed. lost contract/support
Internal Risks related to the Non-compliance with
stakeholder compliance, or non- standards or best practices to
requirements compliance, with internal which we have committed
stakeholder requirements on leading to badwill and/or
internal control and work lost contract/support
instructions.
Ethics and Risks related to the • Corruption, fraud, theft
integrity compliance, or non- • Unethical behaviour and
compliance, with applicable treatment of others
internal policies and • Unethical communication
requirements with regards to
ethics, integrity, and code of
conduct.
Product Risks related to products • Product causes damage to
(mainly Fair Trade) and their people and/or environment
compliance with quality and leading to fines and bad-will
safety requirements. • Product does not meet
quality requirements
• Produce does not meet Fair
Trade requirements
Partners and Risks related to partners or • Corruption, fraud, theft
collaborators collaborators compliance, or • Weak implementation of
noncompliance, with contracts projects
or agreed procedures.