Menu

Material issues

Aveng enterprise risk management

Risk is pervasive in all business activities. Our operational performance and the impact this has on our financial position is a critical risk focal point. Risk is also inherent in the way we manage our resources and relationships, the impact we have on the safety and wellbeing of people, and our impact on the communities and the natural environments within which Aveng operates.

The Aveng Group continuously reviews and improves risk management processes and has recently, among other interventions, adopted the concept of ‘three lines of defence’ particularly to strengthen assurance obtained at various levels. The three lines of defence jointly form the combined assurance model for Aveng. There is a need to optimally balance the levels of assurance obtained from each line of defence. To this end there is currently a drive to shift assurance levels from the third line to first and second lines in certain areas to enhance ownership of risk and control compliance by management.

Risk management approach

A review of our operations has identified that while we have a sound risk management framework that governs the Group’s approach to the assessment and treatment of risk, the actual management of risk at the operational level has not been totally successful leading to a sub-optimal outcome in operational performance.

The adoption of a three lines of defence model of risk management with clearly defined roles and responsibilities to identify, evaluate and manage opportunities, threats and uncertainties that could influence the Group’s results, ensures both regulatory compliance as well as compliance with group policies.

Governance structure

The Board’s risk committee and audit committee act as the governing bodies for the combined assurance model.

Additional information about the functioning of these structures is available in the corporate governance report, or the full corporate governance report online
www.financialresults.co.za/2014/aveng-integrated-report-2014/corporate-governance.

Key business risks

Key business risks are identified as internal or external risks that have the potential to cause significant financial loss, to fundamentally undermine the Group’s competitive position and to adversely impact its reputation. A risk register is updated quarterly and reported to the Board and the risk committee. This information is used to determine the strategic interventions and mitigation measures required to minimise the impact of risks.

The top business risks emerging from enterprise risk management (ERM) for the period were as follows and closely correlate to the material issues determined for the Group as a whole: