# RM3.2: Governance Risk Assessments

<table data-column-title-hidden data-view="cards" data-full-width="false"><thead><tr><th></th><th></th><th></th><th data-hidden data-card-cover data-type="image">Cover image</th></tr></thead><tbody><tr><td><i class="fa-bullseye">:bullseye:</i> Maximum Score</td><td><strong>0.25 points</strong></td><td></td><td></td></tr><tr><td><i class="fa-input-pipe">:input-pipe:</i>  Input Method</td><td><strong>Assessment Portal</strong></td><td></td><td></td></tr><tr><td><i class="fa-pen-to-square">:pen-to-square:</i> Prefill</td><td><i class="fa-check">:check:</i> <strong>Eligible</strong></td><td></td><td></td></tr><tr><td><i class="fa-calculator">:calculator:</i> Scoring method</td><td><strong>Static</strong></td><td></td><td></td></tr><tr><td><i class="fa-shield-check">:shield-check:</i> Validation</td><td><strong>Other answer is manually validated</strong></td><td></td><td></td></tr><tr><td><i class="fa-arrow-trend-up">:arrow-trend-up:</i> 2026 Updates</td><td><strong>None</strong></td><td></td><td></td></tr></tbody></table>

***

**Has the entity performed governance risk assessments within the last three years?**

{% columns %}
{% column width="75%" %}

<figure><img src="/files/Nr3tjQ80LlObuUXiJrIk" alt=""><figcaption></figcaption></figure>
{% endcolumn %}

{% column width="25%" %}

{% endcolumn %}
{% endcolumns %}

## Assessment Instructions

<details>

<summary><strong>Intent</strong>: What is the purpose of this indicator?</summary>

This indicator identifies the variables included in the entity’s governance risk assessments. Risk assessments refer to the identification and quantification of processes, systems, and/or scenarios that could potentially cause harm to the entity and its underlying investors.&#x20;

It is important that entities monitor their exposure to governance-related risks, as these can negatively impact reputation and expose the entity to civil and criminal penalties. RM3.2 asks whether certain governance issues are assessed in a risk assessment by the entity, which is different from the existence of governance policies ([PO3](/completingassessments/2026-real-estate-assessment/re/man/policies/po3-governance-policies.md)).

</details>

<details>

<summary><strong>Input</strong>: How do I complete this indicator?</summary>

Select yes or no. If yes, select all applicable sub-options.

#### Terminology

**Bribery**

> The offering, giving, receiving or soliciting an item of value to influence the actions of an official or other person in charge of a public or legal fiduciary duty.

**Corruption**

> Abuse of entrusted power for private gain.

**Cyber security**

> Protection from an assault by a third party via a computer against another computer or computer system, which is intended to compromise the integrity, availability or confidentiality of that computer or computer system.

**Data protection and privacy**

> Customer privacy includes matters such as the protection of data; the use of information or data for their original intended purpose only, unless specifically agreed otherwise; the obligation to observe confidentiality; and the protection of information or data from misuse or theft.

**Executive compensation**

> The financial payments and non-monetary benefits provided to high-level management in exchange for their work on behalf of an entity.

**Fiduciary duty**

> Refers to the obligations of loyalty and care in regard to the responsibility of managing someone else’s assets. A fiduciary duty is a position of trust and examples include a duty of confidentiality, a duty of no conflict, and a duty not to profit from his position.

**Forced or compulsory labor**

> All work or service which is expected from any person under the menace of any penalty and for which the said person has not offered himself voluntarily.

**Fraud**

> Wrongful deception intended to result in financial or personal gain.

**Governance issues**

> Governance structure and composition of the entity. This includes how the highest governance body is established and structured in support of the entity’s purpose, and how this purpose relates to economic, environmental and social dimensions.

**Political contributions**

> Financial or in-kind support given directly or indirectly to political parties, their elected representatives, or persons seeking political office.

**Shareholder rights**

> Can include the right to share in the company's profitability, income, and assets; a proxy statement; a degree of control and influence over company management selection; preemptive rights to newly issued shares; and general meeting voting rights.

</details>

<details>

<summary><strong>Validation</strong>: What evidence is required?</summary>

No evidence required. Only the 'Other' answer is manually validated.

#### **Other Answer**

State the other governance issue. Ensure that the other answer provided is not a duplicate of a selected option above (e.g., data confidentiality when ‘data protection and privacy is selected). It is possible to report multiple other answers. If multiple other answers are acceptable, only one will be counted towards scoring.

<a href="/pages/utxKQNLSUKyW8QMeUwEi" class="button primary" data-icon="shield">Validation Basics</a>

</details>

## Scoring

{% columns %}
{% column width="75%" %}

<figure><img src="/files/rwmj2jA7uLV1xtKlot32" alt=""><figcaption></figcaption></figure>
{% endcolumn %}

{% column width="25%" %}

{% endcolumn %}
{% endcolumns %}

<details>

<summary><strong>Scoring</strong>: How does GRESB score this indicator?</summary>

The scoring of this indicator is equal to the fraction assigned to the selected option, multiplied by the total score of the indicator.

**Other:** The 'Other' answer is manually validated and assigned a score which is used as a multiplying factor, as per the table below:

| Validation status | Score |
| ----------------- | ----- |
| Accepted          | 1/1   |
| Not Accepted      | 0     |
| Duplicate         | 0     |

<a href="/pages/SmkaMa2MwR7Pm97QbSwO" class="button primary" data-icon="hundred-points">Scoring Basics</a>

</details>

***

<details>

<summary><em>References</em></summary>

RobecoSAM Corporate Sustainability Assessment 2017: 5.2.3, Human rights-assessment

</details>

## Get Support: Solution Providers

**GRESB Solution Providers** are independent, third-party organizations within the GRESB Partner network that offer specialized products, tools, and services to support sustainability performance outside the GRESB Assessment process.

The organizations below deliver commercially available solutions designed to help drive improvement for this indicator. Engagement is managed directly between the reporting entity and the Solution Provider.

GRESB will continue to update this section as the GRESB Solution Provider network grows. Please check back regularly to find GRESB Solution Providers who can support your sustainability performance.

<table data-view="cards"><thead><tr><th></th><th data-hidden data-card-cover data-type="image">Cover image</th><th data-hidden></th></tr></thead><tbody><tr><td><a href="https://www.gresb.com/partners/cms/">See Directory Profile</a></td><td><a href="/files/6YqIJHHQWvo5vuxTR7eJ">/files/6YqIJHHQWvo5vuxTR7eJ</a></td><td>CMS</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://guides.gresb.com/completingassessments/2026-real-estate-assessment/re/man/risk-management/rm3.2-governance-risk-assessments.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.