Page 19 - SAGT Sustainability Report 2023-2024
The scope of functions and responsibilities is adequately set out in the terms of reference of the Committee which has been approved by the Board and is reviewed annually. The Committee’s responsibilities pertain to the Company as a whole in discharging its duties.

Internal Audit, Risk and Compliance Division

The Internal Audit, Risk and Compliance Division regularly reports to the Audit Committee on the adequacy and effectiveness of the Company’s internal control systems in line with established policies and procedures as well as on meeting SAGT’s regulatory compliance requirements. Follow-up actions taken based on recommendations and any other significant matters are documented and presented to the Audit Committee every quarter by the Head of Audit, Risk and Compliance. Internal Audit assignments are primarily outsourced to leading professional firms under the supervision of SAGT’s Internal Audit, Risk and Compliance Division.

Matters related to Enterprise Risk Management also fall under the purview of the Head of Internal Audit, Risk and Compliance who is required to identify, assess and manage all significant risks faced by the Company. The Head of Internal Audit, Risk and Compliance reports to the Audit Committee and the Executive Committee regarding risk-related matters.

The Head of Internal Audit, Risk and Compliance is further expected to obtain formal assurances every quarter from the Company’s senior management, regarding the efficacy and status of the internal control and risk management systems, along with a confirmation regarding the status of compliance with applicable laws and regulations applicable to their respective oversight areas. The effectiveness and resource requirements of the Audit, Risk and Compliance division are reviewed by the Audit Committee and changes effected as needed.

Risk Management

Risk Management forms an integral part of SAGT’s overall Governance Framework, working alongside other governance systems and processes.

Enterprise Risk Management (ERM) Process

The ERM process at SAGT takes a bottom-up approach and begins at a departmental level. The following diagram depicts the process flow of risk management activities and reporting across the organisation.

[Figure: ERM process flow. SAGT Risk Universe: External Environment; Business Strategies; Business Process; Organisation and People; Analysis and Reporting; Technology and Data; Sustainability and CSR. Headline Risks. Stages: Risk Identification (Operational Units/Management Bodies); Risk Normalisation (Departments); Risk Validation (CEO and Senior Management Team); Risk Presentation (Board of Directors/Executive Committee/Audit Committee). Other labels: SAGT Risk Management Committee; Review, Report, Feedback and Action; Company and Department Risk Review; Department Risk Review, Report and Action. Report Content: Enterprise Risk Management; Sustainability Integration; Audit Review.]

RISK MANAGEMENT STRATEGY

Prudent risk management is critical to SAGT’s operations. Thus, a well-structured risk management process is in place to identify potential risks and ensure their mitigation. Risks are documented and recorded through the departmental Risk Control Self-Assessment (RCSA) documents and through the Company-wide RCSA, and the key risks thus identified are managed by:

1. Identifying any and all risks the Company may face in striving to achieve its strategic and operational objectives
2. Assessing any existing processes/controls to mitigate relevant risks
3. Determining the level of each risk through a net risk rating where each individual risk is assessed to determine the likelihood of occurrence, the impact and its velocity within the Company’s existing risk control
4. Identifying any further appropriate controls/improvements and mitigation strategies for each risk event
5. Assigning a Risk Owner for every risk event
6. Auditing all departmental RCSAs to ensure appropriate mitigation plans are in place at all times