ELRC 202324 Annual Report

EDUCATION LABOUR RELATIONS COUNCIL | 2023/24 ANNUAL REPORT

L EDUCATION LABOUR RELATIONS COUNCI

12.5 Risk Management

The Committee has:

• Assisted the Executive Committee in fulfilling its responsibilities in relation to risk management and internal control. • Reviewed the risk management processes implemented by management during the financial year and is satisfied with the progress made with the implementation of risk management within the Council. • Noted responsibility for coordinating the risk register resorts with the Internal Audit Function and that the Risk Management team meetings were held quarterly during the reporting year.

Activities performed

Frequency

Risk Management and Internal Control

Q P

Review of policies

Review of financial and non-financial performance information

Q and A

Assess management’s responses to significant audit findings, recommendations and notable control weaknesses, including potential improvements and agreed actions.

Q A

Review of risk assessment

Discuss significant matters arising from completed internal audits with the Internal Auditor, management and the external auditors.

Q

Q – Quarterly

P – Periodically

A – Annually

The Committee is of the view that the framework in place for combined assurance is adequate and is achieving the objective of an effective, integrated approach across the disciplines of risk management, compliance and audit.

12.6 Information and Communication Technology

The Committee has:

• Received and interacted with the quarterly ICT Governance Reports; ICT Steering Committee Reports and Audit Reports; and will continue with the monitoring of control measures put in over ICT systems including user access, security management and disaster recovery. • Accepted the implemented multi-factor authentication for the email system to ensure that there is added security on the system. • Noted that the Council is in the process of upgrading the provincial infrastructure from the old technology which is ADSL to the fibre platform that will allow better integration to the fourth industrial revolution. • Noted the value-add recommendation on cyber security enhancement to improve the security posture of the ELRC, given the current threat landscape in South Africa.

12.7 Compliance and Governance

The Committee has:

• Has reviewed the functioning of the ELRC and reports arising from its operation. • Oversaw compliance with applicable legal and regulatory requirements, including monitoring ethics and compliance risks.

118