The level of risk you face will depend on the location and the type of information you are collecting. When conducting a risk assessment, consider three categories: threats, vulnerabilities, and capacities.
Think about how you could be affected negatively when carrying out your work. Is there a possibility you could lose your job, damage your reputation, loose contacts and access to people or places, be detained, injured or killed or have the people you work with negatively impacted as a result of your project? Might an individual or an institution try to impede your efforts?
Due to the sensitive nature of my work, security forces have threatened to raid my office and take me to jail.
Based on your particular context, you may be more or less vulnerable to certain types of threats. Vulnerability is relative and can change over time. In many cases, you can take steps to render yourself less vulnerable.
If you are documenting an event alone, at night and in a remote location, you are more vulnerable than if you are documenting an event during the day with other people around.
When you have a clear understanding of your threats and vulnerabilities, consider your capacities – the resources you have and can use to achieve a reasonable level of security. The more capacities you have, the less risk. Capacities can include relationships and connections, expertise, secure communication channels and safe refuge.
My capacities are that I have a network of 5-10 individuals that informs me of political events in the city, I have expertise on how to use encryption to secure my communications, and I am trained in security and legal issues.
Once you have a list for each category, remain conscious of your threats, reduce your vulnerabilities, and build on your capacities. You will always face some degree of risk, but you can always take steps to better protect yourself.
Note: Being a woman is never a vulnerability. It might place you in a vulnerable situation at a given time or place, but it is not per se a vulnerability.