Skip to main content
The CGIAR Risk Intelligence Tool evaluates agricultural SMEs across 7 risk categories, each containing 5 subcategories, for a total of 35 risk indicators. Every indicator is scored using a traffic-light system (Low / Moderate / High / Critical) based on quantitative and qualitative analysis.

Risk Framework Structure

The risk model follows a hierarchical structure: 
Overall Risk Score (0-100)
  └─ 7 Risk Categories (weighted average)
      └─ 5 Subcategories each (35 total indicators)
          └─ Traffic-light scoring (LOW / MODERATE / HIGH / CRITICAL)

7 Risk Categories

Assesses the financial health and sustainability of the business.5 Subcategories:
  • Revenue Risk
  • Cost Structure Risk
  • Credit Risk
  • Liquidity Risk
  • Capital Structure Risk
View detailed scoring criteria →
Evaluates exposure to climate change, weather patterns, and environmental sustainability.5 Subcategories:
  • Weather Exposure Risk
  • Climate Adaptation Risk
  • Water Resource Risk
  • Biodiversity Impact Risk
  • Carbon Footprint Risk
View detailed scoring criteria →
Analyzes management quality, governance practices, and organizational culture.5 Subcategories:
  • Management Competence Risk
  • Governance Structure Risk
  • Compliance & Ethics Risk
  • Innovation Capacity Risk
  • Stakeholder Relations Risk
View detailed scoring criteria →
Examines operational efficiency, supply chain resilience, and production capabilities.5 Subcategories:
  • Supply Chain Risk
  • Production Process Risk
  • Technology & Equipment Risk
  • Human Resources Risk
  • Quality Control Risk
View detailed scoring criteria →
Assesses market position, competitive dynamics, and commercial viability.5 Subcategories:
  • Demand Risk
  • Competition Risk
  • Pricing Power Risk
  • Distribution Channel Risk
  • Regulatory Market Risk
View detailed scoring criteria →
Analyzes digital infrastructure, data security, and technology adoption.5 Subcategories:
  • IT Infrastructure Risk
  • Data Management Risk
  • Cybersecurity Risk
  • Digital Tools Adoption Risk
  • Analytics Capability Risk
View detailed scoring criteria →

Scoring Methodology

Risk Levels

Each subcategory and category is assigned one of four risk levels:
Risk LevelScore RangeColor CodeInterpretation
LOW0-30🟢 GreenMinimal risk; business operates within acceptable parameters
MODERATE31-60🟡 OrangeManageable risk; some areas require monitoring or improvement
HIGH61-80🟠 Orange-RedSignificant risk; requires immediate attention and mitigation
CRITICAL81-100🔴 RedSevere risk; threatens business viability; urgent intervention needed

Calculation Process

  1. Subcategory Scoring (35 indicators)
    • Each subcategory is scored 0-100 based on data extracted from business plans, interviews, or manual data entry
    • AI agents analyze quantitative metrics and qualitative factors
    • Evidence from source documents is linked to each score
  2. Category Aggregation (7 categories)
    • Category score = average of 5 subcategory scores
    • Example: Financial Risk = avg(Revenue, Costs, Credit, Liquidity, Capital)
  3. Overall Risk Score
    • Overall score = weighted average of 7 category scores
    • All categories currently have equal weight (subject to change based on sector/region)

Data Schema

Risk scores are stored in the RiskScore table with the following structure: 
interface RiskScore {
  id: string;
  assessmentId: string;
  category: RiskCategory;  // FINANCIAL | CLIMATE_ENVIRONMENTAL | etc.
  score: number;           // 0-100
  level: RiskLevel;        // LOW | MODERATE | HIGH | CRITICAL
  subcategories: SubcategoryScore[];  // Array of 5 subcategories
  evidence: string | null; // Supporting evidence from documents
  narrative: string | null; // AI-generated explanation
  recommendations: Recommendation[];  // Mitigation strategies
}

interface SubcategoryScore {
  name: string;            // e.g., "Revenue Risk"
  indicator: string;       // e.g., "Revenue Concentration"
  score: number;           // 0-100
  level: RiskLevel;        // LOW | MODERATE | HIGH | CRITICAL
  evidence: string | null; // Specific data points
  mitigation: string | null; // Suggested actions
}

AI-Powered Analysis

The risk assessment is performed by specialized AI agents using AWS Bedrock:
  • Risk Analysis Agent: Analyzes business data across all 7 categories
  • Evidence Extraction: Links scores to specific data points in source documents
  • Narrative Generation: Creates human-readable explanations for each score
  • Recommendation Engine: Generates prioritized mitigation strategies
All AI analysis is based on versioned prompts managed through the Prompt Manager, ensuring consistency and traceability.

Use Cases

For Analysts

  • Due Diligence: Quickly identify high-risk areas in loan applications
  • Portfolio Monitoring: Track risk trends across multiple assessments
  • Report Generation: Export comprehensive PDF reports for stakeholders

For Business Owners

  • Self-Assessment: Understand business vulnerabilities
  • Improvement Planning: Prioritize mitigation actions based on risk severity
  • Investor Communication: Demonstrate risk management practices

For Decision Makers

  • Investment Decisions: Compare risk profiles across multiple SMEs
  • Policy Design: Identify systemic risks in agricultural sectors
  • Resource Allocation: Target support programs to highest-risk areas

Next Steps

Explore detailed scoring criteria for each category:

Financial Risk

Revenue, costs, credit, liquidity, capital

Climate-Environmental Risk

Weather, adaptation, water, biodiversity, carbon

Behavioral Risk

Management, governance, compliance, innovation

Operational Risk

Supply chain, production, technology, HR, quality

Market Risk

Demand, competition, pricing, distribution

Governance & Legal Risk

Legal structure, contracts, IP, compliance

Technology & Data Risk

IT infrastructure, data, cybersecurity, analytics