Skip to main content

USAID Makes Huge Strides in Implementing Enterprise Risk-Management, Releases First Risk-Appetite Statement

Posted Oct 23, 2018

By Margaret Strong

Maggie Strong has been a Management and Performance Analyst with USAID's Performance Division for six years. Her team strengthens USAID operations performance in support of the Agency's mission.

The U.S. Agency for International Development (USAID) is implementing a worldwide Enterprise Risk-Management (ERM) process, consistent with Office of Management and Budget Circular A-123, to build a systematic, integrated, Agency-wide approach to addressing risk. Breaking down silos, ERM allows leadership to have a holistic view of the risks the Agency faces. The goal is not to control or avoid all risk, but to take advantage of opportunities while reducing or mitigating threats, to maximize USAID’s likelihood of achieving its mission and objectives: reducing the reach of conflict; preventing the spread of pandemic disease; and counteracting the drivers of violence, instability, transnational crime, and other national security challenges.

In fiscal year 2018, as part of the worldwide implementation of ERM, USAID published its first Risk-Appetite Statement. The Statement provides staff and implementing partners with broad-based, Agency-wide guidance -- based on an evaluation of opportunities and threats -- regarding the amount and type of risk USAID is willing to accept to achieve its objectives.

Achieving effective ERM is crucial for USAID. The Agency’s role in support of U.S. foreign policy and national security goals requires that staff and partners work in a wide variety of high-threat environments, in which risks range from state failure and armed conflict, to corruption, natural disaster, and macroeconomic instability. The ERM governance structure and reporting process is already helping USAID navigate complex risks more effectively. We are confident the Risk-Appetite Statement will be an essential guidepost during this transformation.



1.4 Risk Categories*

  • Programmatic Risks are events or circumstances that could potentially improve or undermine the effectiveness of USAID’s development or humanitarian assistance.
  • Fiduciary Risks are events or circumstances that could result in fraud, waste, loss, or the unauthorized use of U.S. Government funds, property, or other assets. It also refers to conflicts of interest that could adversely affect the accountability of U.S. taxpayer dollars, or the realization of development or humanitarian outcomes.
  • Reputational Risks are events or circumstances that could potentially improve or compromise USAID’s standing or credibility with Congress, the interagency, the American public, hostcountry governments, multilateral institutions, implementing partners, beneficiaries, or other stakeholders.
  • Legal Risks are events or circumstances that could potentially improve or compromise compliance with law, regulation, Executive Order, or other source of legal requirement.
  • Security Risks are events or circumstances that potentially improve or compromise the security of USAID staff, partners, property, information, funding or facilities.
  • Human-Capital Risks are events or circumstances that could potentially improve or compromise the capacity, productivity, hiring, or retention of employees.
  • Information-Technology Risks are events or circumstances that could potentially improve or compromise the processing, security, stability, capacity, performance, or resilience of information technology.
*U.S. Agency for International Development Risk Appetite Statement - June 2018, page 4

The opinions expressed in this guest post are the author's own and do not reflect the view of the Performance Improvement Council or U.S. General Services Administration.