SACAA Annual Report 2022_23

S

R

A

Y

E

No. Outcome

Principle

Application

Governance Instrument

Status

• Board Charter • Enterprise Risk Management Framework and Policy • Risk Management Committee • Combined

The Audit and Risk Committee assists the Board with the governance of risk. The Board is aware of the importance of risk management, as it is linked to the strategy, performance, and sustainability of the SACAA. The enterprise risk management and combined assurance frameworks, together with other SACAA policies and procedures, inform its risk management culture. The entity has a Risk Committee which considers the material outcomes of these processes and probes risk exposure above the desired levels. This informs the SACAA strategy and assists with decision-making at the Board level. The risk assessment process is formally integrated into the SACAA’s assurance framework and plan has been adopted, which is monitored by the ARC. The Board has delegated its oversight role on ICT Governance to the ARC. An IT Steering Committee is in place at ExCo level and reports on technology and information communication are tabled quarterly at the ARC. There is an approved ICT plan in place and the ARC monitors the progress quarterly. annual business planning. A comprehensive combined

11.

Risk Governance

The governing body should govern risk in a way that supports the organisation in setting and achieving

its strategic objectives.

Assurance Framework • Risk Quarterly Reports • Combined

Assurance Reports

• Board Charter • Enterprise Risk Management Framework and Policy • ICT Policy • The Ethics Policy • Compliance Management Policy

12.

Technology and information governance

The governing body should govern technology and information

in a way that supports the

organisation to set and achieve

its strategic objectives.

Governance I Annual Report 2022/23 I 101