231. The CES Recommendations for the 2020 census round and the previous editions did not contain a chapter on emergency preparedness and contingency planning, and included very little reference to this topic. However, following the experience of the Covid-19 pandemic that had a severe impact on the census operations in many countries across the world, it was decided that an entire new section of the new CES Recommendations for the 2030 round should be dedicated to this topic. This decision was informed not just by the Covid-19 experience but also by the possibility that other natural disasters, cyber-risks and technology dependency would impact census operational risks for the foreseeable future.

232. In order to provide information for the new chapter on this topic in the new CES Recommendations for the 2030 census round, various questions on emergency preparedness and contingency planning were included in the UNECE survey on national practices in the 2020 census round. The main results of those questions are presented in this chapter.

233. The first question about emergency preparedness in the UNECE survey was aimed at assessing the risk management approach in NSOs/census offices, by asking the level of agreement with a series of statements related to risk management and contingency planning. The responses to this question are presented in Table 40.

234. There is a general agreement (combined agree and partly agree responses) across most aspects of risk management practices, including the formal risk management policy, risk management procedures and effectiveness in dealing with risks (maximum 3 countries disagree, around 5%).

235. Countries appear to have strong foundations in place, as indicated by the high levels of agreement regarding the existence and effectiveness of formal risk management policies and procedures.

236. The slightly higher level of disagreement (7%) suggests potential areas for improvement in incident management procedures.

237. There is noteworthy disagreement (8 countries, or 20%) regarding the allocation of specific staff and resources for risk management. The survey did not include a question on the reasons for this, perhaps some countries don’t have enough resources to allocate for risk management.

238. There is a considerable level of disagreement (11 countries, 26%) regarding the engagement of external stakeholders in risk management processes. Improving communication and collaboration with external stakeholders could be beneficial. Six countries (14%) disagree with the effectiveness of leveraging technology to support and enhance risk management capabilities and processes. This highlights a potential gap in utilizing technology to enhance risk management capabilities.

Statements	Total replies	Level of agreement / response
		Agree	Partly agree	Disagree	Don't know/ don't wish to answer	N/A
We have a formal risk management policy that defines the objectives, scope, roles and responsibilities, and principles of risk management	43	24	14	1	1	3
We have a risk management procedure that provides a structured and systematic approach to identify, assess, treat, monitor and communicate risks across the organization	42	22	13	2	1	4
We have an incident management procedure in place that specifies how to respond to risk events when they materialize	42	22	12	3	1	4
We deal effectively with risks or prevent them from happening	42	22	13	2	2	3
We develop risk mitigation plans that identify and implement actions to reduce the likelihood or impact of risks	42	21	11	3	2	5
We develop contingency plans that identify and implement actions to respond to and recover from risk events or situations	42	20	12	3	2	5
We regularly review and update risk management policies and procedures to reflect changes in the internal and external environment	42	20	15	2	1	4
We leverage technology and data to support and enhance risk management capabilities and processes	42	18	11	6	2	5
We dedicate specific staff and resources to risk management	41	17	9	8	1	6
We engage and involve external stakeholders (e.g., customers, suppliers, other partners, etc.) in risk management processes and decisions	42	15	9	11	2	5

239. In order to avoid or manage risks, they must be first identified. Various issues can be considered as risks that may threaten the proper execution of the census, the quality of the data, the security of the information collected, or the availability of human or financial resources. When planning the census – regardless of the method adopted – time and resources should be dedicated to identifying and managing risks, assessing the likelihood of occurrence of each risk, the degree and nature of its impact on the census, and discussing the possible mitigations aimed at lowering the likelihood of occurrence and/or the impact of any threat to a census.

240. Statistical agencies may not have the capacity to act on all risks, so they should prioritize them and take action to first mitigate the greatest risks to the census, and/or those risks which are most likely to affect the census in the near term.

241. In the survey, a question was asked about how the statistical agency identify and prioritise risks for the census. Respondents could choose one among four different strategies. The results are presented in Table 41.

242. The data suggests a variety of approaches to identifying and prioritizing risks, ranging from proactive and systematic methods to reactive and informal approaches. In total, 27 countries (60%) identify and prioritize risks using a consistent methodology and criteria (systematically or ad-hoc assessments as needed), 7 countries (16%) use informal or intuitive methods of risk assessment as needed and 4 countries (9%) react as risks arise. Responses vary slightly across different census types: for field enumeration and combined censuses, the use of a consistent methodology and criteria seems higher than for register-based approaches.

243. Adopting comprehensive and systematic risk assessments involving relevant stakeholders appears to be the most prevalent and effective approach, ensuring a structured and collaborative process for identifying and prioritizing risks.

Strategy	Total (45 countries)	Type of census
		Field enumeration (15 countries)	Combined (16 countries)	Register-based (14 countries)
Comprehensive and systematic risk assessments at least annually, involving relevant stakeholders and using a consistent methodology and criteria	17	7	7	3
Ad hoc risk assessments as needed but using a consistent methodology and criteria	10	4	3	3
Informal or intuitive methods of risk assessment as needed, such as personal experience, judgement, or feedback, but no consistent methodology or criteria	7	0	3	4
We react to risk as they arise	4	1	2	1
Other	2	1	0	1

244. In order to properly manage issues and risks related to the census, all the census operations from the planning to the dissemination, must be carefully monitored – especially during high-risk periods such as during the field operations of an enumeration-based census – so that possible issues are detected on time, assessed, and action through mitigation measures or other is taken if considered appropriate.

245. A question in the survey asked countries what strategy was adopted to monitor and review risks in the census. The responses are presented in Table 42.

246. The data suggests a range of approaches to monitoring and reviewing risks, with varying levels of frequency and the use of indicators and metrics. Adopting a regular and systematic approach to risk monitoring, supported by relevant indicators and metrics, appears to be a prevalent approach, adopted by 18 countries (40%).

247. However, several countries monitor risks only occasionally (17 countries, 38%) and some rarely or never conduct risk reviews (4 countries, 9%), indicating potential gaps in risk management practices that may compromise the organization's ability to identify and respond to emerging risks effectively.

Strategy	Total (45 countries)	Type of census
		Field enumeration (15 countries)	Combined (16 countries)	Register-based (14 countries)
On a regular basis, using relevant indicators and metrics to measure the effectiveness of risk management activities and actions	18	8	7	3
Occasionally as deemed necessary, using relevant indicators and metrics to measure the effectiveness of risk management activities and actions	10	3	5	2
Occasionally as deemed necessary, but with few or unreliable indicators and metrics to measure the results of risk management activities and actions	7	1	1	5
We never or rarely monitor or review risks	4	1	2	1
Other	1	0	0	1

248. Another question in the survey investigated how the statistical agency practice contingency planning and incident response for different types of risks, for example using role playing or other simulation techniques. The responses are presented in Table 43.

249. From the replies it emerges that only 13 countries (29%) practice contingency planning and incident responses regularly and systematically, involving relevant stakeholders and covering a range of plausible scenarios and situations. The percentage for field enumeration censuses (33%) and combined censuses (38%) is significantly higher than for register-based censuses (12%).

250. Contingency planning and incident responses are practiced occasionally or rarely by 11% and 13 percent of the countries, respectively, and are not practiced at all by 29% of the countries.

Strategy	Total (45 countries)	Type of census
		Field enumeration (15 countries)	Combined (16 countries)	Register-based (14 countries)
Regularly and systematically, involving relevant stakeholders and covering a range of plausible scenarios and situations	13	5	6	2
Occasionally or selectively, involving some stakeholders and covering a few common scenarios and situations	5	3	1	1
Rarely or sporadically, involving few stakeholders and covering only the most likely or severe scenarios and situations	6	1	4	1
Other	3	1	0	2
Not at all	13	3	4	6