Our risk management and materiality
Risk management process
The Tsogo Sun board recognises that the management of business risk is crucial to our continued growth and success and this can only be achieved if all three elements of risk – namely threat, uncertainty and opportunity – are recognised and managed in an integrated fashion.
The audit and risk committee is mandated by the board to establish, coordinate and drive the risk process throughout the group. It has overseen the establishment of a comprehensive risk management system to identify and manage signiﬁcant risks in the operational divisions, business units and subsidiaries. Internal financial and other controls ensure a focus on critical risk areas, are closely monitored and are subject to management oversight and internal audit reviews.
The systems of internal control are designed to manage rather than eliminate risk, and provide reasonable but not absolute assurance as to the integrity and reliability of the financial statements, the compliance with statutory laws and regulations, and to safeguard and maintain accountability of the group’s assets. The board and executive management acknowledge that an integrated approach to the total process of assurance will improve the assurance coverage and quality in addition to being more cost-effective and to this end a combined assurance framework is being finalised.
In addition to the risk management processes embedded within the group, the group executive committee identiﬁes, quantiﬁes and evaluates the group’s risks twice a year utilising a facilitated risk assessment workshop. The severity of risks is measured in qualitative as well as quantitative terms, guided by the board’s risk tolerance and risk appetite measures. The scope of the risk assessment includes risks that impact on shareholder value or that may lead to a signiﬁcant loss, or loss of opportunity. Appropriate risk responses to each individual risk are designed, implemented and monitored.
The risk proﬁles, with the risk responses, are reviewed by the audit and risk committee at least once every six months. In addition to the group risk assessment, risk matrices are prepared and presented to the audit and risk committee for each operational division. This methodology ensures that identiﬁed risks and opportunities are prioritised according to the potential impact on the group and cost-effective responses are designed and implemented to counter the effects of risks and take advantage of opportunities.
Determination of materiality
The matters included in our integrated annual report are principally aimed at providers of financial capital in order to support their financial capital allocation assessments. The interests of the providers of financial capital are, however, largely aligned with other key stakeholders in that they also are focused on the creation of value in the long term.
In determining which matters are material for disclosure in our integrated annual report we have considered whether the matter substantively affects, or has the potential to substantively affect, our strategy, our business model, or the forms of capital we utilise and ultimately our ability to create value over time.
The assessment of the magnitude of the impact and the likelihood of the occurrence of the group’s top risks informed the identification and prioritisation of the material matters for inclusion in the integrated annual report. The matters identified were compared with those being reported on by organisations in the same or similar industries to ensure that relevant matters have not been excluded from the report.