Corporate ERM continues to shape and safeguard with strong oversight and control at the Corporate centre.
The business units implement the ERM policy, standards and framework. They also implement and maintain the risk registers, identify mitigating controls, implement action plans and operationalise the business unit assurance forums. During ongoing risk analysis, each business unit consults ERM, who in turn produces a risk profile report, demonstrating the management of key risks and opportunities identified.
Each business unit has a business unit assurance forum to effect the ERM framework through effective risk management and combined assurance to optimise risk-taking.
The chief risk and compliance officer leads Telkom’s risk community in the ERM forum, which was formed to share best practices and knowledge, and engage and monitor key risks and mitigating plans.
The IGRC and IT and information security governance committees conduct the final assessment of the risks and risk opportunities identified to be reported to the board and its committees.
All business units’ executive committees are accountable for managing risks with the approved delegation of authority, within their respective areas of responsibility.
ERM function
The corporate risk and compliance function develops strategy and frameworks, and sets guidelines and standards. It provides policy direction, assurance and advice, as well as training and monitoring. Business units implement the risk strategy and framework and monitor risk mitigation plans.
Our risk and compliance transformation journey
During the year, we embarked on a transformation journey to enhance our risk management approach and framework for the group. We appointed the chief risk and compliance officer who reports to the GCEO and the risk committee, and dedicated risk officers for each business unit. We have moved from a decentralised model to a hybrid operating model.