Page 42 - SAMRC Strategic Plan
P. 42
Good governance practices such as the King Code of assurance that the SAMRC’s risk management
Corporate Governance for South Africa, 2016 (King and internal control systems are well designed
IV) is also applicable – Risk Governance Principle 11, and operate effectively and that any corrective
stating that the governing body should govern risk action is taken in a timely manner. Its audits cover
in a way that supports the organisation in setting internal controls and risk management processes
and achieving its strategic objectives. relating to the financial and operational, as well
as IT and compliance activities of the SAMRC.
The SAMRC has adopted a common and integrated The outsourced Internal Audit function reports
approach to monitor the SAMRC’s strategic, functionally to the SAMRC Board Committee, Audit
research, clinical trial and other operational risks. Risk and Information Technology Committee (ARIC),
The purpose to embed the practice of enterprise and is overseen by the Internal Audit Charter, which
risk management at the SAMRC is to: set out the purpose, scope and authority of the
(a) Realise “value” for the stakeholders, medical Internal Audit function and is reviewed annually.
and health care institutions and the population Internal Audit has unrestricted access to the
of South Africa. Chairperson of the ARIC and the SAMRC President.
(b) Set strategies and action plans in place to limit The Internal Audit function works closely with the
and decrease the risk exposures of the SAMRC. Risk Management function and engages with the
(c) Place management in a position to deal external auditors on an ongoing basis.
proactively with potential emerging risks that
may create uncertainty. The work of Internal Audit focuses primarily on
(d) Support management with a mechanism to areas that present the greatest risk to the SAMRC.
reduce the likelihood of downside outcomes and This is achieved by following a risk-based assurance
increase the potential for upside opportunities approach, focus on the key risk exposure as approved
by the Board. An Internal Audit Plan is prepared
The realisation of SAMRC’s Strategic Plan depends annually and set on a three-year rolling basis. Focus
on its management being able to manage risks areas are determined and updated annually using a
in a way that does not jeopardise the interests risk-based approach considering the risk assessments
of stakeholders. Sound management of risk will conducted in the public entity and ensuring the work
enable the SAMRC to anticipate and respond to is appropriately aligned to and coordinated with the
changes in the environment, as well as to take activities of other relevant assurance providers. The
informed decisions under conditions of uncertainty. SAMRC captures and track all internal and external
The features of the risk management process are audit findings, mitigating actions and responsibilities
outlined in the SAMRC’s Risk Management Strategy and is followed up quarterly by Internal Audit. The
and Risk Management Framework, as updated from ARIC receives quarterly reports on progress against
time-to-time. the Internal Audit Plan and corrective actions taken
by management in response to audit findings.
As the SAMRC, we understand that risk management
is not there to impede the management of the entity 10.4.2.14. Managing Conflicts of Interest
but to assist with the achievement of organisational The SAMRC’s commitment to high standards of
objectives. We believe that a commitment to business conduct and ethics is set out in the SAMRC’s
the philosophy of risk management will ensure a values and is supported by the Code of Business
safer, healthier and quality driven environment for Conduct Framework Policy (Code). In this regard
employees, and the preservation of assets and value the SAMRC’s commitment to the Code provides a
for the benefit of all stakeholders. framework of ethical practices and business conduct
that are applicable to the Board, employees and
10.4.2.13. Internal Audit and Audit Committee external stakeholders.
The Internal Audit function is a key element of the
organisation’s internal control. Its role is to provide
SAMRC STRATEGIC PLAN 2025/26 – 2029/30 41