The Board sets the risk appetite and identifies and reviews major risks and opportunities that are important to Red Cross strategies and priorities through our risk management framework.
The activities underpinning our framework, such as periodic organisational risk assessments, ensure our organisation is conscious of the risks it faces, makes informed decisions to manage these risks and maximises opportunities. Our risk reporting not only recognises a number of strategic and operational risks, but also the potential risks in the execution of our strategic priorities.
This year we focused on identifying and mitigating child protection risk, compliance risk and financial sustainability risk, whilst identifying further opportunities to strengthen the organisation against cyber and data security-related risks. Particular focus has been given to identifying the causes of risk. We then developed mitigating controls and on-going monitoring of the effectiveness of these controls to contain the identified risks within acceptable tolerance levels. For example, we adopt strict requirements for child protection compliance under our Ethical Framework as part of our recruitment, screening and on-boarding for all staff and volunteers. All funding opportunities are risk-assessed through internal review processes and ensure that our services remain viable and effective.