Page 214 - SAMRC Annual Report 2024-2025

ENTERPRISE RISK MANAGEMENT





The SAMRC’s Enterprise Risk Management (ERM) Framework provides an integrated, structured and consistent approach to risk management. The framework draws on internationally accepted best practice and aligns with relevant standards, i.e. it considers the ERM principles articulated in the COSO framework, ISO 31000 and King IV.

While the Board is ultimately responsible for the maintenance of an effective risk management process, the Audit & Risk and IT Committee (ARIC), while overseeing the efficacy of this process and monitoring the effectiveness of the system of risk management, assists the Board in assessing and forming a conclusion on the adequacy of the risk management process. The ARIC’s delegated responsibility further extends over that of the SAMRC’s internal auditors and external auditors. The strategies adopted by the ARIC allow for the timely review of any internal control weakness identified by these assurance providers. In addition, continual improvements in the development of ERM methodology further enhance the SAMRC’s overall risk management coverage and focus.

The Board maintains a strong and regular oversight of the various committees’ work and receives regular updates on the activities of the ARIC on the organisation’s system of risk management and strategic risk mitigation measures, and reports on its review in the SAMRC’s Annual Report.

Risks are reviewed throughout the year, and this continuous process informs any updates to the SAMRC’s risk registers, at both strategic and operational level. An ongoing review of the ERM and risk management process ensures that best practice is considered while maintaining a practical and business-minded approach.

The SAMRC’s comprehensive risk management system is designed to identify and assess important emerging and significant risks faced by the organisation. The ERM Unit at SAMRC is a dedicated department that reports directly to the ARIC and has primary responsibility for the design, implementation and monitoring of corporate enterprise-wide risk management across the SAMRC.



            Our risk management process, while iterative, starts with risk identification.






[Figure: ERM Process cycle. Stages shown around the cycle, beginning with risk identification:]

- Risk identification: input from management, stakeholders, assurance review
- Inherent risk assessment: based on likelihood and impact for the SAMRC
- Residual risk assessment: after assessing adequacy of current mitigations
- Risk mitigation: identified, discussed and responsibilities assigned
- Assurance review: adequacy and effectiveness of controls over significant risks
- Monitoring and Review: effective assessment for significant risks
- Reporting review: by ARIC, effective assessment and changes to risk rating



