RAND WATER ANNUAL REPORT 2023

Consolidated Annual Financial Statements for the year ended 30 June 2023

Report of the Group Audit and Risk Committee Internal audit

In line with the PFMA and the King IV Report on Corporate Governance, the Group Audit Executive provides the Group Audit and Risk Committee and management with objective and relevant reasonable assurance, thereby contributing to the effectiveness of governance, risk management and control processes. The Committee is responsible for ensuring that the Group Internal Audit function is independent and has the necessary resources, standing and authority within the Group to enable it to discharge its duties. Furthermore, the Committee oversees co‑operation between internal and external auditors and serves as a link between the Board and these functions. The Committee considered and approved the internal audit charter, the internal audit function’s annual audit plan and the three‑year strategic plan. The Group Internal Audit Function reports administratively to the Chief Executive and functionally to the Committee and has the responsibility for reviewing and providing assurance on the adequacy of the internal control environment across all the Group’s operations. The Group Audit Executive has direct access to the Committee primarily through its chairperson. The Committee notes that the internal audit function was effective. Group Internal Audit provides reasonable assurance about the state of internal financial controls and the level of maturity of the control environment in general, which were found to be adequate and effective for the current financial year, except in the SCM area where limited assurance is provided. As a result, there were no material weaknesses for the current financial year. Combined assurance Rand Water has adopted a combined assurance model to strengthen the internal control environment and enhance the assurance obtained from management, and internal and external assurance providers. A combined assurance framework is in place and is governed by the Combined Assurance Forum (CAF) to support the embedding of combined assurance across the Group, the results of which are submitted to the Committee for consideration. The CAF comprises of nominated representatives from across the business namely: Integrity and Probity Assurance (IPA); Risk Advisory Services (RAS); Group Legal Services (GLS); Group Regulatory Compliance Services (GRCS); Group Internal Audit (GIA) and the Auditor General of South Africa (AGSA). Rand Water’s combined assurance responds to risks effected through the five lines of defense model. The responsibility for combined assurance is delegated to Group Internal Audit which facilitates and coordinates the execution of combined assurance activities. The Committee receives quarterly reports on the status of combined assurance activities over governance, risk management, compliance and the adequacy and effectiveness of internal controls. Expertise and experience of the Chief Financial Officer and Finance Function The Committee has satisfied itself that the Chief Financial Officer has appropriate expertise and experience for the management of the finance function. The Committee has considered and satisfied itself of the appropriateness of the experience and expertise of the senior members of management and the adequacy of resources of the finance function.

146