Page 22

AFRICAN DAWN ANNUAL REPORT 14

Application of principles in King III continued Governance of risk The board is responsible for the governance of risk 3 The board determines the levels of risk tolerance 3 The audit and risk management committee assists the board in carrying out its risk responsibilities 3 The board has delegated the process of risk management to management. The board ensures that risk assessments 3 are performed on a continual basis. Frameworks and methodologies are implemented to increase the probability of anticipating unpredictable risks The board ensures that management implements appropriate risk responses 3 The board receives assurance regarding the effectiveness of the risk management process 1x Sufficient risk disclosure to stakeholders 2# x:The Group has not complied with this principle in full due to not having an internal audit function. Reports from management to the Board and audit committee provide a balanced assessment of the key risks facing the Group. The risk register is pivotal in this assessment. #: The Board has disclosed and discharged its views and responsibility on the effectiveness of the Group’s risk management process in the statement of responsibilities of directors in the Group’s annual integrated report and furthermore discloses the risks facing the Group and the mitigating actions that will either reduce the probability or lessen the impact thereof. Governance of information technology The board is responsible for the governance of information technology (IT) 3 IT is aligned with the performance and sustainability objectives of the company 3 Management is responsible for the implementation of an IT governance framework 3 The board monitors and evaluates significant IT investments and expenditure 2x IT is an integral part of the company’s risk management. IT assets are managed effectively 3 The audit and risk management committee assists the board in carrying out its IT responsibilities 3 Compliance with laws, rules, codes and standards 3 The board ensures that the company complies with applicable laws and considers adherence to non-binding rules, 3 codes and standards The board and each individual director and senior manager has a working understanding of the effect of laws, rules, codes and 3 standards applicable to the company and its business Compliance risk forms an integral part of the company’s risk management process 3 The implementation of an effective compliance framework and process has been delegated to management 3 x: The Board, through the audit committee, oversees the proper value delivery of IT and monitors that the expected return on investment are derived and protected. Internal audit The board ensures that there is an effective risk-based internal audit 1x Internal audit follows a risk-based approach to its plan 1x Internal audit provides a written assessment of the effectiveness of the company’s system of internal controls and 1x risk management The audit committee is responsible for overseeing internal audit 1x Internal audit should be strategically positioned to achieve its objectives 1x x: Due to capital and resource constraints, the Company does not have a separate internal audit function. The oversight of internal control remained with the audit committee and the required testing and investigation was performed in-house by competent financial staff or external consultants as required. A separate internal audit division with qualified internal auditor will be formalized and implemented in the near future. The internal audit tasks remain with the audit committee for time being until the internal audit department will take responsibility of all internal audit matters. AFRICAN DAWN 1 9 ANNUAL REPORT 2014


AFRICAN DAWN ANNUAL REPORT 14
To see the actual publication please follow the link above