ELRC 202324 Annual Report

EDUCATION LABOUR RELATIONS COUNCIL | 2023/24 ANNUAL REPORT

5. INTERNAL AUDIT AND AUDIT & RISK COMMITTEE Internal Audit provides management with independent, objective assurance and consulting services designed to add value and to continuously improve the operations of the ELRC. It assists the Council to accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of Governance, Risk Management and Control processes. The following key activities are performed in this regard: Assess and make appropriate recommendations for improving the governance processes in achieving the Council’s objectives; Evaluate the adequacy and effectiveness and contribute to the improvement of the risk management process; and Assist the Accounting Officer in maintaining efficient and effective controls by evaluating those controls to determine their effectiveness and efficiency, and developing recommendations for enhancement or improvement. Internal Audit work completed during the year under review for ELRC included twelve assurance engagements, fourteen mandatory reviews and four follow-up audits. The Audit Committee is established as an oversight body, providing independent oversight over governance, risk management and control processes in the ELRC, which include oversight and review of the following: • Internal Audit function; • External Audit function (Ngubane & Co Inc.); • Accounting and Reporting; • Accounting Policies; • External Auditor Management and Audit Report; • In-year Monitoring; • Risk Management; Internal Control; Pre-determined Objectives; ICT Governance and SHE activities ICT GOVERNANCE ICT governance remains essential for the Council to effectively manage its IT resources, align technology with business goals, mitigate risks, and ensure compliance with regulations. It also assists in fostering transparency, accountability, and strategic decision-making, ultimately contributing to the Council’s success in a technology-driven business landscape. The Council reports this compliance in the ICT Steering Committee and Audit and Risk Committee meetings. COMPLIANCE WITH LAWS AND REGULATIONS The IA function oversees employee compliance with laws and regulations. IA ensured that the Council conformed to the applicable organisational laws. Guidance was provided through audit reports where there were shortcomings, and action plans were put in place to remedy the identified challenges. Compliance with the Protection of Personal Information Act (POPIA) of 2013 ensures enhanced data security, improved customer trust and loyalty, and reduced legal and financial risks. The Council is fully compliant with the provisions of the Act, as set by the Information Regulator. Adherence to the Act is monitored quarterly. FRAUD AND CORRUPTION Council continuously encourages staff to report fraud and corruption issues via the National Anti-Corruption Hotline. The IA department assists with monitoring the execution of duties in line with Council policies. 6. 7. 8.

113