Risk management
Risk management is an integral component of our governance framework which enables the group to manage business and industry threats and capitalise on potential opportunities. The risk management principles outlined in King ll are embedded into key processes to ensure the business remains sustainable and continues to create wealth for shareholders.
The board retains accountability for risk management and responsibility is delegated to the Audit and Risk committee to ensure the group has adequate risk and internal controls.
Risk management process
The group’s risk management and internal audit functions are integrated. Risk management is the responsibility of operational management, with internal audit acting as a facilitator in quantifying, measuring and reporting on the status of business risks to the Risk Working Group.
Senior executives and management undertake a control self-assessment exercise twice a year to formally evaluate risks facing the business. This process is facilitated by internal audit. The results are reported to the Risk Working Group to identify significant risks to the group and to recommend strategies for monitoring, managing or mitigating these risks.
Ownership of each risk is assigned by the Risk Working Group to specific executives or business units who are accountable for managing the risk.
A profile of the major risks facing the group is presented to the Audit and Risk Committee twice a year by the Risk Working Group.