Attachment no. 1 – Types of risk and ther subgoups
Types of risks and their subgroups
Overview of risk types
Overview of risk types
A – The risk of the human factor represents potential damage resulting from human error, noncompliance
with generally applicable and internal regulations, or employee misconduct.
B - The risk of corruption is the damage resulting from the conduct by which a person in a certain
position abuses this position for unjust enrichment or other advantage for himself or another person
(achieving an unjustified advantage, benefit, but also achieving a legitimate advantage or benefit in a
short time).
C – Information and technological risk represents potential damage resulting from incorrect or inefficient
use of information systems, including their failure. It also includes failing to ensure the reliability and
security of information.
D – Property risk represents potential damage due to the adverse effects of external and internal
influences on the environment and the conditions in which the Ministry operates.
E – Operational risk represents potential losses resulting from incorrect implementation of procedures
and operations caused by the absence of descriptions of procedures and operations, their inappropriate
setting, failure of process steps or as a result of their poor management.
F – Organizational risk represents potential losses and damages resulting from inappropriate setting of
the volume, structure and circulation of information, documents and data, including the quality and
frequency of control activities.
G – Financial and budgetary risk represents potential damage, or damage to financial environments and
property (public funds in the sense of Act No. 320/2001 Coll., on Financial Control in Public
Administration and on Amendments to Certain Acts) related to changes in the value of assets, liabilities,
receivables or cash flows due to adverse movements of related factors.
H – Human resources risk represents potential damage due to uneconomical and inefficient use of
human resources. At the same time, it includes infrastructure and personnel issues.
I – Legal risk represents potential damage to the rights of the Ministry as a result of erroneous legal acts
and decisions, including violations of the rights set out in the contracts.
J – Management risk represents potential damage due to a bad decision at some level of the ministry's
management. At the same time, it includes discrepancies in individual internal management acts,
implementation of ineffective systems and activities leading to endangerment or damage to property,
including shortcomings in the internal management system.
K – Competence risk represents potential damage due to the adverse effects of external political,
legislative and economic influences.
L – Technical risk is the potential damage and loss resulting from the failure of technical equipment, due
to "force majeure" or damage resulting from their inefficient use and mishandling.
M – Risk affecting another external entity represents a situation where a legislative measure may cause
harm to citizens, organizations or resources available to the MLSA.
N - Risk affected by another external entity represents a situation where the sources of risk lie outside
the MLSA and are not directly within the scope of its control system.
N – Risks specific to certain departments that occur in their activities and cannot be classified in the
above groups may use this identifier.
O – Other risks - they cannot be included in any of the above types and it would be impractical for it to
establish a special category and designation.
P- Project risks - represents potential risks of projects implemented by FDV, resulting from the specifics of
solved and implemented projects.
No. Type Type of the risk Subgroup Subgroup type of risk
1 A Human factor A01 Ability for the position
2 A Human factor A02
Violation of morality, ethics, work order and
interpersonal relationships
3 A Human factor A03 Inattention
4 A Human factor A04 Substance abuse
5 A Human factor A05 Stress situations
6 A Human factor A06 Not following rules of hiring
7 A Human factor A07 Issuing false medical reports and testimonials
8 A Human factor A99 Others
9 B Corruption B01 Employee fraud
10 B Corruption B02 Protectionism
11 B Corruption B03 Offenses, theft, embezzlement
12 B Corruption B04 Unauthorized use of resources
13 B Corruption B05
Zneužití informací a osobních údajůMisuse of
information and personal data
14 B Corruption B06
Failure to comply with the code of ethics for
employees in public administration
15 B Corruption B07 Conflict of interest
16 B Corruption B08 Inadmissible and deceptive actions
17 B Corruption B09
Abuse of power and function or exceeding the
authority of an official
18 B Corruption B10 Unreasonable costs
19 B Corruption B99 Others
20 C Information and technology C01 Incorrectly determined access rights
21 C Information and technology C02 Violation of the integrity of IT systems
22 C Information and technology C03 Integrity of application systems
23 C Information and technology C04
Ineffective physical security of data and their
protection
24 C Information and technology C05 Unavailability of information systems
25 C Information and technology C06 Unreliability of information systems
26 C Information and technology C07
Improper purchase and management of computer
equipment
27 C Information and technology C08
Incorrectly specified requirements for HW and SW
and their evaluation
28 C Information and technology C09 Insufficient software
29 C Information and technology C10 Insufficient level of information, user support
30 C Information and technology C11 Lax management of network applications
31 C Information and technology C12
Unauthorized use of information, destruction,
damage and its modification
32 C Information and technology C13 Intentional interference with SW or HW
No. Type Type of the risk Subgroup Subgroup type of risk
33 C Information and technology C99 Others
34 D Property risk D01 Natural disasters
35 D Property risk D02 Terrorist attack
36 D Property risk D03 Careless security of property in buildings
37 D Property risk D04
Failure to comply with approved internal security
principles and regulations
38 D Property risk D99 Others
39 E Operational risk E01 Ineffectiveness of procedures and operations.
40 E Operational risk E02 Failure to follow approved procedures
41 E Operational risk E03 Producing inaccurate information
42 E Operational risk E04 Complexity of processes, operations
43 E Operational risk E05 Complexity of standards, rules
44 E Operational risk E06 Inaccuracy of work procedures
45 E Operational risk E07 Inadequate remedial action
46 E Operational risk E08 Defective feedback system
47 E Operational risk E09
Uncoordinated procedures / processes carried out in
non-compliance
48 E Operational risk E99 Others
49 F Organizational risk F01 Formal comment procedures
50 F Organizational risk F02
Ineffective methodological, control activities and
supervision
51 F Organizational risk F03 Inadequate analytical activity
52 F Organizational risk F04
Outdated intelligence, availability and provision of
information
53 F Organizational risk F05 Inaccurate internal and external reporting
54 F Organizational risk F06
Non-optimized circulation of documents, records,
shredding of documents
55 F Organizational risk F07 Insufficient staff capacity for the activity
56 F Organizational risk F99 Others
No. Type Type of the risk Subgroup Subgroup type of risk
57 G Financial and budgetary risk G01 Unrealistic planning and budgeting
58 G Financial and budgetary risk G02 Errors in financing
59 G Financial and budgetary risk G03 Unreliability of accounting records
60 G Financial and budgetary risk G04 Cash service activities
61 G Financial and budgetary risk G05 Manipulation of income and expenses
62 G Financial and budgetary risk G06 State guarantees, financial assistance
63 G Financial and budgetary risk G07 Drawing on EU funds
64 G Financial and budgetary risk G08 Irregularities in transfers of funds
65 G Financial and budgetary risk G09 Administration and management of financial flows
66 G Financial and budgetary risk G10 Unreliability of inventory
67 G Financial and budgetary risk G11 Inefficient asset management and protection
68 G Financial and budgetary risk G99 Others
69 H Human Resources risk H01 Weaknesses in human resource management
70 H Human Resources risk H02 Neglect of key skills and qualities
71 H Human Resources risk H03 Wrong recruitment of new employees
72 H Human Resources risk H04 Wage shortcomings
73 H Human Resources risk H05
Purposeful classification of employees into classes
and tariffs
74 H Human Resources risk H06
Poorly processed and incomplete characteristics of
functional positions
75 H Human Resources risk H07 Weaknesses in employee evaluation
76 H Human Resources risk H08
Preferences and mistakes in management
development
77 H Human Resources risk H09 Ineffective education
78 H Human Resources risk H10 Improper record keeping of employees
79 H Human Resources risk H11
Weaknesses in the management of the cultural and
social needs fund
80 H Human Resources risk H12 Incorrectly entered performance indicators
81 H Human Resources risk H13
Risk of managining tasks with insufficient capacity of
human resources
82 H Human Resources risk H99 Others
83 I Law risk I01 Inappropriate, incorrect contractual arrangements
84 I Law risk I02 Failure to comply with binding regulations
85 I Law risk I03 Manipulation of public contracts, tenders
86 I Law risk I04 Incorrect processing of contracts
87 I Law risk I05 Unqualified grounds for termination
88 I Law risk I06 Failure to meet deadlines
89 I Law risk I07 Invalidity of legal acts
90 I Law risk I08
Non-compliance of internal directives with legal
regulations
91 I Law risk I99 Others
No. Type Type of the risk Subgroup Subgroup type of risk
92 J Management risk J01 Non-cooperation of individual departments
93 J Management risk J02 Weaknesses in management and control work
94 J Management risk J03 Unresolved substitutability
95 J Management risk J04 Unpreparedness for change
96 J Management risk J05 Wrong decisions
97 J Management risk J06 Incomplete determination of signature rights
98 J Management risk J07 Non-coordination of foreign aid
99 J Management risk J08 Unenforceable material liability
100 J Management risk J09
Weaknesses in the protection of classified
information and special facts
101 J Management risk J10 Unacceptable use of resources
102 J Management risk J11 Weaknesses of management control
103 J Management risk J99 Others
104 K Competence risk K01 Change of political environment
105 K Competence risk K02 Institutional reform
106 K Competence risk K03 Instability and complexity of legislation
107 K Competence risk K04 Budget cuts
108 K Competence risk K05 Amendments to public administration laws
109 K Competence risk K99 Others
110 L Technical risk L01 Challenging fleet
111 L Technical risk L02 Uneconomical use of telephone equipment
112 L Technical risk L03
Failure of technical equipment systems (telephones,
faxes, e-mails, BED)
113 L Technical risk L04 Computer failure
114 L Technical risk L05 Neglect of maintenance
115 L Technical risk L06 Unprofessional interventions
116 L Technical risk L07 Failure to address the prevention of emergencies
117 L Technical risk L99 Others
118 M Risk affecting another external entity M99 Others
119 N Risk affected by another external entity N99 Others
120 O Risks specific to certain departments O99 Others
121 P Other type of risk P01 Short terms and stress situations
122 P Other type of risk P99 Others
123
potential damage resulting from incorrect or inefficient
cts implemented by FDV, resulting from the specifics of