Example CINFO Duty of Care Maturity Model

Duty of Care

How to improve your safety and security risk management processes


The tool helps you to assess the safety and security aspects of your organisation’s Duty of Care. Using five steps, from an initial to an optimised level, you can determine your organisation’s strengths and potential for improvement in four areas: information, monitoring, prevention, and intervention. Hover over the sliders and refer to the legend for details on the respective requirements. After completion, export your assessment as PDF document.


This model indicates what safety and security risk management processes Swiss NGOs have to put in place, so that they can improve their Duty of Care towards staff working outside of headquarters.

The Matrix

Shows key Duty of Care processes

  • Serves as a learning tool
  • Measures Maturity across 5 levels
  • Does not set Duty of Care standards


This model is based on a joint study by GISF, CINFO and the Swiss Security Network. Information was gathered through literature research, an online survey and key informant interviews with 26 security focal points of major European and American NGOs.

What is Duty of Care?

Under the Swiss legal framework an employer is obliged to take all necessary and feasible measures to safeguard the health, safety and integrity of his employees (Art. 328 OR). This includes 4 overarching duties:

  • Duty of Information
  • Duty of Prevention
  • Duty of Monitoring
  • Duty of Intervention

The Matrix is a learning tool

The Matrix does not set Duty of Care standards but serves as a learning tool in order to improve Maturity across 5 levels: from an initial, ad hoc and reactive approach; over a structured, defined and measured step; to an optimized level, where there is an organizational culture of learning and continuous improvement.