Gavi pursues an ambitious mission in some of the world’s poorest and most fragile countries. As we operate in a dynamic and often uncertain context, we are naturally exposed to risks. Robust risk management is therefore vital for us to confidently take the risks required to achieve our mission, safeguard our investments and ensure sustainable impact. 

Fostering a culture of risk-awareness and systematic risk management helps us to anticipate future events, manage expectations, reduce vulnerabilities and harness opportunities for impact.

TOP RISKS

Since 2016, we have published a Risk & Assurance Report every year. This discusses the most critical risks that could affect our ability to achieve our mission and strategic goals.

The report provides an update on risk management across the Alliance, an analysis of macro-trends affecting Gavi’s risk profile and an overview of key changes in top risks compared with the previous year. It also explains how current risk levels compare with Gavi’s risk appetite – ie our willingness to be exposed. The annexes contain more detailed information, including an analysis of each top risk and the corresponding mitigation plans.

Risk and Assurance Reports

Gavi Risk and Assurance Report 2019

RISK APPETITE

Every organisation needs to take risk to achieve its objectives. Sometimes the greatest risk is inaction. Effective risk management optimises outcomes by balancing risk versus reward and the cost of mitigation versus the potential benefit. The Alliance’s risk appetite statement broadly defines the level of risk the Alliance is willing to take, accept or tolerate to achieve its goals.

COMPREHENSIVE APPROACH

In December 2014, the Gavi Board adopted a comprehensive approach to risk management covering strategic, operational, programmatic and corporate risks, and approved the risk policy. Since then, we have continued to embed risk management practices in daily operations, planning and decision-making across the Alliance.

In 2015, we reorganised our risk management and assurance functions around a best-practice "three lines of defence" model:

  • First line: understanding, monitoring and active management of risk in core business activities and country programmes.
  • Second line: specialist support and objective monitoring through control and oversight functions, providing an additional "check and balance" on first-line activities.
  • Third line: independent auditing of the first and second lines of defence to provide assurance that their risk management is effective.

A dedicated "risk function" coordinates, facilitates and monitors the implementation of effective risk management practices across the Alliance. The Secretariat’s Risk Committee, chaired by the CEO with senior leadership from across the organisation, systematically reviews the top risks allocated to risk owners in the organisation.

Risk is a standing item on the agenda of all Gavi Board meetings, and the Audit and Finance Committee of the Board oversees the effectiveness of risk management systems and processes.

Subscribe to our newsletter