Risk management

GPE systematically and proactively manages risks related to its activities and funding to limit potential negative consequences and seize opportunities while operating in often uncertain and challenging contexts.

Risk Management Framework and Policy

GPE's Risk Management Framework and Policy is based on internationally recognized standards and guidance (e.g. ISO 31000 and COSO). It comprises:

  • A set of policies, management processes and tools that details roles and responsibilities pertaining to risk and the frequency of updates
  • A risk taxonomy that provides an exhaustive list and classification of all the risks that GPE is facing at a given point in time
  • A risk appetite statement that provides a high-level indication of how much risk GPE is willing to tolerate to achieve its goals and objectives.
  • A three lines of defense model that describes the roles and responsibilities of key stakeholders of the partnership with regards to risk management at 3 levels: grants, partnership, and Secretariat
  • A list of key risk indicators, control indicators and performance indicators.

Risk categories

All partners have a role in providing advice to the Board and Secretariat in highlighting risks they encounter as they perform their work. The categories of risks are:

  1. Strategic risk: the risk that GPE is not able to achieve its goals and objectives
  2. Operational risk: the risk that GPE is not able to deliver on its country-level objectives
  3. GPE fund management risk: the risk associated with the ineffective or underperforming financial management of the GPE Fund
  4. Business continuity risk: the risk that the Secretariat is unable to operate its critical business functions
  5. Fragmented global aid architecture: the risk that the education architecture is not well defined and complementary
  6. Reputational risk: the risk of threat or danger to the good name or standing of the GPE,
  7. Country risk: the risk of exogenous factors in the country environment adversely affecting sector planning and implementation.

Risk reporting

The GPE Secretariat publishes a corporate risk update report every 6 months to discuss the most critical risks that could affect the partnership to achieve its mission and strategic goals.

The report includes an analysis of trends affecting GPE’s risk profile, the top 10 risks along with direction of travel compared with previous reporting period, and the corresponding mitigation plans. It also explains how current risk levels compare with GPE’s risk appetite.