Wesizwe is committed to embedding a culture of risk management, which adopts mitigation and is guided by the company’s culture of shared attitudes, values and goals. As a result, Wesizwe has adopted the International Risk Management Standard ISO31000–2018 and the Risk Management Principles and Guidelines for its risk management process. The risk management framework starts with the Board of Directors and cascades through the Audit and Risk Committee, the executive committee, the risk function, and into all other business operations.
Wesizwe organizational risk structure above.
On an annual basis the Board performs a strategic risk assessment which is monitored by the first line of defense “Management”. An operational risk assessment is performed by the executives (risk owners) and other managers, the risks are monitored by managers (Control owners) as the second line of defense. Internal Audit reviews the effectiveness of the risk management process and acts as the third line of defense. All the three lines of defense give a combined assurance to the Board and our stakeholders. Full details of our strategic approach to risk management are provided in our Annual Integrated Reports, which can be downloaded from the homepage of the website.