Skip to main content

​
Overview

The CGIAR Risk Intelligence Tool evaluates partner organizations across 7 major risk categories, each containing 5 subcategories. This multi-dimensional approach provides a comprehensive risk profile using industry-standard assessment methodologies.

​
Risk Categories

Every assessment generates scores across these categories:

Financial Risk

Revenue stability, profitability, debt levels, cash flow, and financial sustainability

Operational Risk

Supply chain reliability, operational capacity, quality control, logistics, and resource management

Market Risk

Market volatility, competition, demand fluctuations, pricing pressures, and market access

Behavioral Risk

Management integrity, organizational culture, stakeholder relationships, and ethical conduct

Climate-Environmental Risk

Climate change exposure, environmental impact, resource depletion, and sustainability practices

Governance & Legal Risk

Legal compliance, regulatory requirements, governance structure, and policy adherence

Technology & Data Risk

Technology infrastructure, data security, digital capabilities, and cybersecurity posture

​
Risk Levels (Traffic-Light System)

Risk scores are mapped to four standardized levels:
Minimal risk detected. Standard monitoring procedures are sufficient.
  • Strong performance indicators
  • Robust controls in place
  • Low probability of adverse events
  • Recommended action: Continue routine oversight
Acceptable risk with monitoring. Enhanced oversight recommended.
  • Some areas of concern identified
  • Adequate controls with room for improvement
  • Moderate probability of issues
  • Recommended action: Implement specific mitigation measures
Significant risk requiring active management. Mitigation plan required.
  • Multiple risk factors present
  • Controls need strengthening
  • Elevated probability of adverse outcomes
  • Recommended action: Develop comprehensive risk reduction strategy
Unacceptable risk level. Immediate intervention required.
  • Severe risk exposure
  • Inadequate or missing controls
  • High probability of significant negative impact
  • Recommended action: Consider partnership suspension or major remediation

​
Scoring Methodology

​
Category Score Calculation

Each category score is computed from its 5 subcategories:
1

Subcategory Analysis

AI agents analyze extracted data and generate scores (0-100) for each subcategory based on:
  • Documentary evidence from uploaded files
  • Interview responses or manual data entries
  • Industry benchmarks and standards
  • Historical performance data
2

Weighted Aggregation

Subcategory scores are aggregated using configurable weights. Default: equal weighting (20% each).
categoryScore = Ξ£(subcategoryScore Γ— weight) / Ξ£(weights)
3

Level Assignment

The numerical score is mapped to a risk level:
  • 0-24 β†’ LOW
  • 25-49 β†’ MODERATE
  • 50-74 β†’ HIGH
  • 75-100 β†’ CRITICAL

​
Overall Risk Score

The overall assessment score is calculated as: 
overallScore = (Ξ£ all category scores) / 7
overallLevel = mapScoreToLevel(overallScore)
All scores are stored as floating-point numbers and rounded to the nearest integer for display.

​
Risk Score Data Model

Risk scores are stored per category with detailed subcategory breakdowns: 
{
  id: string;
  assessmentId: string;
  category: RiskCategory;  // One of the 7 categories
  score: number;           // Aggregate category score (0-100)
  level: RiskLevel;        // LOW | MODERATE | HIGH | CRITICAL
  subcategories: SubcategoryScore[];  // Array of 5 subcategories
  evidence?: string;       // Supporting evidence summary
  narrative?: string;      // AI-generated risk narrative
}

​
Fetching Risk Scores

Risk scores are included in the report response:

​
Recommendations

Each risk category includes AI-generated recommendations prioritized by urgency:
Critical actions requiring immediate attention. These address severe risk exposures or control gaps.Example:
β€œEstablish a formal risk management committee and implement quarterly board-level risk reviews to address governance deficiencies.”

​
Editing Recommendations

Analysts can manually refine AI-generated recommendations: 
// Recommendations support in-place editing
{
  "id": "rec-123",
  "text": "Original AI-generated recommendation",
  "priority": "HIGH",
  "isEdited": true,
  "editedText": "Analyst-refined version with specific context and actionable steps"
}
The original AI-generated text is preserved when isEdited is true, allowing auditability of modifications.

​
Radar Chart Visualization

The radarData array provides data optimized for radar chart visualization: 
import { Radar } from 'recharts';

<RadarChart data={report.radarData}>
  <PolarGrid />
  <PolarAngleAxis dataKey="category" />
  <PolarRadiusAxis domain={[0, 100]} />
  <Radar
    name="Risk Score"
    dataKey="score"
    stroke="#8884d8"
    fill="#8884d8"
    fillOpacity={0.6}
  />
</RadarChart>

​
Risk Score Generation Pipeline

Scores are generated through the AI analysis pipeline:
1

Document Parsing

AWS Textract extracts text and tables from uploaded PDFsSee: AI Analysis - Parser Agent
2

Gap Detection

AI identifies missing or incomplete data fields across all categoriesSee: AI Analysis - Gap Detector Agent
3

Risk Analysis

Multi-agent system scores each subcategory and generates narrativesSee: AI Analysis - Risk Analysis AgentJob Type: RISK_ANALYSIS
4

Score Aggregation

System calculates category scores, overall score, and assigns risk levelsDatabase Update: Assessment record updated with overallRiskScore and overallRiskLevel

​
Database Schema

model RiskScore {
  id            String       @id @default(uuid())
  assessmentId  String
  category      RiskCategory
  score         Float
  level         RiskLevel
  subcategories Json         // SubcategoryScore[]
  evidence      String?      @db.Text
  narrative     String?      @db.Text

  assessment      Assessment       @relation(fields: [assessmentId], references: [id], onDelete: Cascade)
  recommendations Recommendation[]

  @@unique([assessmentId, category])
  @@map("risk_scores")
}

​
Code Example: Risk Level Badge Component

components/risk-level-badge.tsx
import { cn } from '@/lib/utils';
import type { RiskLevel } from '@alliance-risk/shared';

const LEVEL_STYLES: Record<RiskLevel, { bg: string; text: string; icon: string }> = {
  LOW: { bg: 'bg-green-100', text: 'text-green-800', icon: '🟒' },
  MODERATE: { bg: 'bg-yellow-100', text: 'text-yellow-800', icon: '🟑' },
  HIGH: { bg: 'bg-orange-100', text: 'text-orange-800', icon: '🟠' },
  CRITICAL: { bg: 'bg-red-100', text: 'text-red-800', icon: 'πŸ”΄' }
};

export function RiskLevelBadge({ level, score }: { level: RiskLevel; score: number }) {
  const style = LEVEL_STYLES[level];
  
  return (
    <div className={cn('inline-flex items-center gap-2 px-3 py-1 rounded-full', style.bg)}>
      <span>{style.icon}</span>
      <span className={cn('font-semibold', style.text)}>
        {level}
      </span>
      <span className={cn('text-sm', style.text)}>({score})</span>
    </div>
  );
}

​
Best Practices

Validate Data Quality

Ensure gap fields are verified before risk analysis runs. Incomplete data leads to inaccurate scores.

Review AI Narratives

Always review AI-generated narratives and recommendations for accuracy and contextual relevance.

Track Score Changes

Monitor score changes over time to identify trends and measure mitigation effectiveness.

Use Subcategory Detail

Don’t rely solely on category-level scores. Drill down into subcategories for actionable insights.

​
Related Resources

Assessment Workflow

Understand the complete assessment lifecycle

AI Analysis Pipeline

Deep dive into the multi-agent AI system that generates scores

Report Generation

Learn how scores are visualized in PDF reports

Build docs developers (and LLMs) love

Get started for freeTalk to us