HOME Integrated Annual Report 2012 Sustainability Report 2012 Annual Financial Statements 2012
Corporate information   Downloads

Risk report

The risk committee sets the group risk framework and strategy and ensures a robust risk management process is in place.

Membership of the committee

The committee comprises both non-executive and executive members and is chaired by an independent non-executive director. The members of the committee during the year were Y Waja (chairman), H Adler, OS Arbee, HR Brody, S Engelbrecht, BJ Francis, R Haman, RL Hiemstra, MJ Leeming, P Michaux, G Rudman and JJ Strydom.

The committee had four meetings during the past financial year.

Attendance at committee meetings during the year:

  Member   Number of meetings attended
  Younaid Waja (Chairman)*   4
  Harvey Adler   3
  Osman Arbee   4
  Hubert Brody   4
  Schalk Engelbrecht*   4
  Bernice Francis   4
  Reginald Haman   4
  Tak Hiemstra   3
  Mike Leeming*   4
  Philip Michaux   3
  Gerald Rudman   3
  Jurie Strydom   2/2

Risk management model

In line with its policy of aligning group corporate governance with international best practice to safeguard the interests of stakeholders, Imperial has implemented an enterprise risk management model to identify and assess relevant risks facing the group at strategic, business and process levels. The group’s risk model is based on ISO 31000:2009 – Risk Management Principles and Guidelines.

Risk is not only viewed from a negative perspective. The assessment process also identifies areas of opportunity, for example where effective risk management can be turned into a competitive advantage, or where taking certain risks could result in reward for the group. Any risk taken is considered in the context of the group’s risk appetite and tolerance, which are reviewed and updated annually.

The decentralised structure of the group comprising many business units means the overall group risk is spread and minimised to within group tolerance levels. Risk management responsibility and accountability is largely devolved to divisional management structures, reporting to the divisional finance and risk review committees. The risk committee formalises, standardises and monitors this process by guiding management and assessing their effectiveness in implementing the approved risk management framework.

The board determines the level of acceptable risk and requires operations to manage and report accordingly. Material issues and circumstances that could affect the group’s reputation and financial affairs constitute unacceptable risk.

Senior management is committed to the established system of internal control for managing risk, which requires transparency and clear accountability.

The system of internal control has been implemented in all key operations and is tailored to suit the specific circumstances of each business unit. It provides reasonable, rather than absolute, assurance that the group’s business objectives will be achieved within prescribed risk tolerance levels. The associated risk areas and control processes are monitored and reported on across the group continuously. Internal audit aligns its procedures with the risks identified. Formal feedback is provided at both divisional finance and risk review committees and to the quarterly risk committee meeting.

King III describes risk management as the identification and evaluation of actual and potential areas of risk as they pertain to a company, followed by a procedure of termination, transfer, acceptance (tolerance) or mitigation of each risk. Informed by this definition the group’s risk management process therefore also uses internal controls as a measure to mitigate and control risk.

Aligned to our residual risk profile the group participates in a comprehensive insurance programme to ensure that material financial consequences of risk incidences do not result in undue hardship for group businesses.

In reviewing risk management reports and internal control, the board has:

  • considered what the group’s risks are and how they have been identified, evaluated and controlled;
  • assessed the effectiveness of the related process of risk management and, particularly, reports of significant failings or weaknesses in the process;
  • considered if the necessary action is being taken in time to rectify any significant failings or weaknesses; and
  • considered whether results from the review process indicate that more extensive monitoring is required.

Key inherent group risks

In addition to those business- and industry-specific risks identified at an operating division level, Imperial has also identified key risk categories that affect the group as a whole. The risks and the strategies implemented to mitigate them include:

  Risk   Strategies implemented in mitigation thereof
  Low growth in the economy  
Focus on niche products and services in our current offerings
Agility in operating model
Internal growth and acquisition strategies
  Labour disruptions
Impact on efficiencies due to increasing labour disruptions in our
own and customer industries
Fair and equitable labour practices
Active participation in industrial labour councils
Review of operational labour plans to ensure continuity of services
Diversification and spread of risk over industries
  Currency volatility  
Established hedging policy
Diversification of business models and territories to minimise the overall impact of currency risks
  Environmental and carbon taxes  
Group-wide sustainability strategy implemented
Proactive engagement with industry and governmental bodies
Implementation of non-financial reporting systems to ensure ongoing monitoring and reporting of key targets and initiatives
  Valuations of assets
Effective control of asset values given the fleet and inventory holding of new and used assets that are core to the group’s business model
Active management and investment in optimising inventory and fleet levels
Regular review and application of latest accounting and business principles
Enhanced governance oversight
Active review and monitoring of the realisable value of assets
  Reputation and brand perception  
Group-wide branding and marketing position strategy for the Imperial brand
Ongoing review of compliance to group ethics and legal requirements
  Talent management
Key to our success is our people, their commitment and knowledge of the business and industry and growing the base of skills within our country
Identification of key current and future skills required and alignment with development programmes
Divisional and group-wide training and upliftment programmes
Establishment of specialist training academies and skills development programmes
Coordinated transformation philosophy, policies and focused projects
Promotion and upliftment of internal candidates
Expansion of our current recruitment base
  Acquisition risks
Acquisitions in new business sectors and territories
Clearly defined expansion areas
Strong group mandate structure relating to investments
Regular review of acquisition risks and criteria at executive level
Formalised post-acquisition reviews
  Third-party dependence and reliance
Some of our businesses have exposure to or depend on key relationships and contracts
Proactive relationship and contract satisfaction management with key suppliers and customers
Formalised and proactive management of service and product level expectations
Ongoing oversight and monitoring of contract renewals and negotiations
  Regulatory and compliance
Ensuring compliance with relevant legislation and regulations
Centralisation of selected specialist areas where compliance risk is high
Proactive monitoring, input and operational implementation plans and frameworks on emerging legislation
Increased resource allocation to legal and compliance units
  Increased exposure to risks related to the chemical industry
subsequent to the acquisition of Lehnkering
High levels of compliance with hazardous materials regulations
Board oversight

The board:

  • recognises that it is accountable for the process of risk management and systems of internal control, which are regularly reviewed for effectiveness, and for establishing appropriate risk and control policies and communicating these throughout the group;
  • is satisfied there is an ongoing process of identifying, evaluating and managing the significant risks faced by the group. This process has been in place for the review period and to the date of approving the annual financial statements; and
  • is satisfied there is an effective system of internal controls and that group-wide strategies are in place to mitigate the consequences and impact of significant risks faced by the group to an acceptable level.

IT governance

Aligned to our decentralised management model, Imperial has implemented an umbrella IT governance framework. The framework was developed and adopted by the divisions in respect of key components and requirements set out in current best practice benchmarks. Therefore irrespective of the standard adopted by a division, each operation is measured against the defined group minimum standard.

The objective of our standardised IT governance framework is to ensure:

  • guidance to divisional and operational IT functions in respect of what is required from the group;
  • a standard measurement of IT maturity within the group; and
  • compliance with King lll.

In the year under review a number of key strategies relating to IT governance were implemented. The group identified a key person responsible for IT governance within each division. A selfassessment questionnaire was completed detailing the principles and guidelines of expected IT policies, processes and behaviours.

The IT governance framework is based on the following six principles:

1. Business alignment and enablement
IT strategy and responsibilities
Role and benefits of IT (internal and external)
Standards and core policies
2. Operations performance
People capacity and development
Internal processes and measurements
3. Procurement and supplier selection
Capital spending (hardware and software)
Partnerships and approved suppliers
4. Supplier performance management
Formalised service level agreements
Structured commercial agreements
5. Business continuity/disaster recovery
Business impact analyses
Tested back-up and recovery
6. Compliance and security
Data privacy, security and access control
Internal control monitoring

A group chief information officer (CIO) forum was established chaired by an executive responsible for risk. Its purpose is to:

  • share divisional information on best practice within the group;
  • highlight common group IT risks and mitigations;
  • identify transversal or cross-functional IT opportunities;
  • ensure ongoing quality review and implementation with group standards; and
  • provide feedback and communication with the executive committee on relevant matters of concern.

Y Waja

21 August 2012

back to top ^