Key focus areas and value-creating activities for the period under review

• Monitored the continued growth in maturity of enterprise risk management: Enterprise Risk Management Policy, Framework and Risk Appetite and Tolerance, Risk monitoring report (incl emerging risks, opportunities, Business Continuity Plan (BCP)
• Noted the outcome of the Business Continuity Management (BCM) project being the development of Business BCP for individual business areas, recognising both the operational variability and geographic dispersion of the operating sites. In terms of multiple risks materialising, the individual BCPs would be able to deal with the multiplicity of risks, with elevated coordination of all structures of Management
• Reviewed the IT Risk Register, Cyber-security Report, Investments, BECS update (including causes for delays, budget extensions and decisions required in response to ongoing delays)
• Provided input and support to management on Strategic Projects – BECS implementation and change management, the Modernisation progress of the ERP system, drone project, inventory optimisation project
• Insurance programme renewal review
• Proactive tracking of changes in the regulatory environment and overseeing the need to appoint external consultants to fill the positions of Compliance and Ethics Officer positions, while these posts remained vacant
• Continued enhancement of procurement processes and contract management
• Monitored the Strategy Level Risk Register and emerging risks
• Considered the Information privacy and data protection obligations on SANBS – including the creation of internal and external privacy policies, with the latter being drafted for public-facing interfaces e.g., SANBS website