Do you want your own version of IndiKit?


Implementation of Risk Mitigation Measures

Indicator Phrasing

the key protection risks related to the project activities were assessed and relevant risk mitigation measures were implemented
See indicator in other languages

Indicator Phrasing

English: the key protection risks related to the project activities were assessed and relevant risk mitigation measures were implemented

French: les principaux risques de protection liés aux activités du projet ont été évalués et des mesures pertinentes d'atténuation des risques ont été mises en œuvre

Portuguese: os principais riscos de protecção relacionados com as actividades do projecto foram avaliados e foram implementadas medidas relevantes para mitigação dos riscos

Czech: klíčová “protection” rizika spojená s projektovými aktivitami byla posouzena a příslušná mitigační opatření byla realizována

What is its purpose?

The fulfilment of this indicator means that a project competently assessed the key protection risks connected to the project activities and then designed and effectively implemented relevant measures that minimize the risks.

How to Collect and Analyse the Required Data

Determine the degree to which the indicator is fulfilled by using the following methodology:


1) Use a review of documents and interviews with key informants (e.g. the project staff) to assess whether protection risks related to the project activities were identified. The risks are usually identified by conducting a protection risk analysis. If they were identified, assess how they were identified and whether the assessment considered all four areas of protection mainstreaming: 

     - prioritizing safety and dignity and avoiding causing harm

     - ensuring meaningful access

     - ensuring accountability

     - ensuring participation and empowerment

Consider also assessing whether the overview of key risks was updated in the course of the project, as it is possible that new risks emerged and/or some became more significant. A similar update should then be done for designing and implementing relevant measures. 


2) If the risks related to project activities were identified in a comprehensive manner, use a review of documents and key informant interviews (e.g. with the project staff) to assess whether relevant measures were designed to mitigate the risks. Consider whether the measures were designed for the vast majority or for all the identified risks.


3) If relevant risk mitigation measures were designed, use a review of documents and key informant interviews to assess the extent to which they were implemented.



The indicator is met when the assessment concludes that the key risks were comprehensively assessed, and that relevant measures were designed and adequately implemented. As there are no defined standards of what comprehensive / relevant / adequate means, the assessment needs to be done by an independent person experienced in protection mainstreaming. The person needs to justify any conclusions s/he makes.  


Important Comments

1) Since this is a protection mainstreaming indicator, it should only cover the risks related to the provided assistance – i.e. it should look at how to ensure that the provided assistance does not cause harm or expose people to risks and/or unsafe situations, is accessible to all in proportion to need and without any barrier, and is provided in an accountable, dignified and participatory manner (i.e. the four core principles of protection mainstreaming).


2) If you use this indicator, keep in mind that you will have to be able to prove which risk mitigation measures were designed and which were implemented (and how). This might involve having relevant protection mainstreaming plans, and records on what was agreed / implemented, etc. For example, if you analyse which distribution sites are safe to use but don't record how the decision was taken (e.g. based on what criteria and information), you might not have any evidence of having done such an analysis. It is recommended that as a minimum requirement, a project should have a protection risk assessment, a risk mitigation action plan, and a decisions log

This guidance was prepared by People in Need ©

Propose Improvements