RAND WATER ANNUAL REPORT 2023

HOW RAND WATER IS GOVERNED

KING IV PRINCIPLE

APPLY AND EXPLAIN

10. The governing body should ensure that

Clear directives of the organisation’s mandate are required by the CE who, in-turn, serves as an intermediary between the Board, management and all subordinates thereof. By appointing the CE, and through the DoA framework, the Board has ensured that there is a clear indication of roles and responsibilities. Further, such a process has ensured that relevant parties throughout the organisation have been transferred or assigned powers, as authorised by the Board, within which they may act. The Board has also maintained and promoted optimal corporate governance structures through its construction of the Board and Corporate Secretariat divisions. Accordingly, it therefore has access to a professional and independent governance procedure that promotes the adherence of all its legal duties conferred by relevant legislation, policies and/or regulations. By keeping and updating a strategic risk register, the Board, along with management, has initiated, in real-time, a process that allows for the constant mitigation of strategic and emerging risks. The Board has therefore afforded itself an opportunity to consider the effectiveness of various risk mitigation action plans as captured and stored by respective risk owners throughout the organisation and its operations. On a quarterly basis, it is a prerequisite that all risk owners submit consolidated updates, which are then considered by numerous governance structures (e.g. Group Audit and Risk Committee). The Board, along with management and its Committees, has created a data governance framework that supports information and data handling through planning, collecting, processing, analysing, publishing and archiving data. As a result, the following objectives have been set and are central to effective data management throughout the organisation: • Improvement of data quality, accuracy and completeness. • Improvement of business decision-making effectiveness through providing data; • Compliance with data protection laws and regulations; and • Implementation of a knowledge-sharing network throughout the organisation. TMC has established a Sub-Committee structure at Corporate Level (Digital Technology and Information Communications) DTIC, and the Sub-Committee is responsible for ensuring that the enterprise-wide digital technology and information governance, risk, compliance and internal controls are defined, implemented and operated effectively across Rand Water. The Digital Technology and Information Management (dtim) Strategy that outlines the objectives of Digital Technology and Information was developed and a DTIM Governance Report that incorporates the risk, audit action log and cyber security is submitted to the Board on a quarterly basis to ensure accountability to the Board. Refer to “How Rand Water is Governed” section of the IAR (page 34). Refer to “How we Manage our Risks” section of the IAR (page 31).

the appointment of, and delegation to, management contribute to role clarity and the effective exercise of authority and responsibilities.

11. The governing body

should govern risk in a way that supports the organisation in setting and achieving its strategic objectives.

12. The governing

body should govern technology and information in a way that supports the organisation setting and achieving its strategic objectives.

Refer to “How Rand Water is Governed” section of the IAR (page 34).

61