Wikimedia Foundation Annual Plan/2018-2019/Risk Assessment
Wikimedia Foundation Risks 2018-2019
As part of our annual planning process, the Foundation identifies major possible legal, financial and reputational risks across a broad spectrum. This is a high level summary.
Technological (Equipment, Breaches, Privacy): Technological risks include possible unexpected equipment failure, major disaster causing a risk in continuity of services, or a security breach that could harm the sites or risk appropriation and possible misuse of users’ private data. We mitigate this by investing in and reviewing our technological systems and infrastructure, by planning for disaster, by obtaining as little personal data as possible, by declining to monetize private data by selling it to or sharing it with third-party advertisers, by not tracking users across the web, and by retaining data for only a short time period.
Legal and Political: Legal and political risks include the possibility of a significant adverse result in a lawsuit or changes in the laws that govern and make possible the Foundation or the Wikimedia movement and projects. We mitigate this through insurance, pre-emptive engagement with threats, litigation defense strategies, and strategic legal and public policy engagement aimed both at preventing or mitigating harmful laws and regulations and at efforts to clarify or improve laws.
Personnel: Personnel risks focus on the chance that unforeseen circumstances will leave us with insufficient staff to accomplish critical tasks, leading to harm to our operations. We mitigate this risk with redundancy in operations and by continuing to hire and train skilled staff members.
Community: Community risks include a broad variety of activities that could harm the overall movement, including challenges to the movement's strength and diversity. We mitigate these risks by collaborating with volunteers to improve best practices.
Public Relations: Public relations risks relate to circumstances where our messaging—or others’ messaging about us—harms our reputation and chills the use of or participation in our projects. We mitigate this risk through careful review by our Communications team and collaboration with diverse partners.
Fundraising: Fundraising risk focuses on the possibility that significant changes -- for example, in viewing trends or reputation -- lead to difficulty raising funds for the movement. We aim to mitigate this risk by using a variety of techniques and continuing to iterate on our fundraising strategies.
Competition: Competition risk is the risk that another company develops a product that offers superior services to the Wikimedia projects, leading to the decline of the projects. We mitigate this risk by collaborating with volunteers, affiliates, and partners to constantly improve the quality and reliability of the projects.