Risk factors and their management

On this page:

• Context
• Governance
• Risk management processes, systems and organisation
• Risk management activities in FY2007
• Insurable risks
• Internal control system
• Summary of Implats’ strategic risk focus in 2007

Context

Implats understands and embraces the concept that risk management is as much about taking advantage of opportunities which present themselves, as it is about avoiding loss. In a business environment as dynamic as ours, opportunities continuously present themselves, and risk management enables real value to be added to the decision-making process by increasing confidence levels regarding the risks inherent in these opportunities.

With better knowledge, Implats can move more quickly and decisively to act on these opportunities when they represent a potential enhancement to its business. In the past, such actions might often have been perceived as being ‘too risky’. However, with improved information of the potential risks and their assessment and management, decisions can be taken based on information that gives better insight into the risks of a venture. This results in greater confidence that the risks can be effectively managed, rather than avoiding an opportunity which potentially could have realised great value for Implats. More and more business will have to ask “why should we not do this?” rather than “why should we do it?”. Given the risk management processes that have been in place, Implats is well-positioned to pursue this approach into the future.

In implementing the Implats Group Policy on Risk Management, which is available on the corporate website at www.implats.co.za/risk-policy.pdf (PDF - 60KB), significant time and resources were dedicated to ensuring a common and integrated approach to the management of risk so that knowledge and experience are shared among employees and risk management becomes embedded in all business activities.

The board is routinely apprised of the inherent risks and state of risk-management controls in business activities, plans and projects.

A risk-based approach is applied as an integral part of strategic, tactical and operational planning, including that of projects. Operationally, it is standard practice for line managers to complete risks assessments as part of their planning activities. This includes, for example, employees doing pre-work risk assessments before the start of their daily operational tasks.

The challenge ahead is to further integrate risk management in all business processes and functions across all business units in the group (enterprise-wide risk management – EWRM).

Governance

Risk is a standard agenda item for board, executive and management meetings. The co-ordination of risk management activities and the aggregation of risk across the group are managed by a formal Risk Committee. In addition, the effectiveness of risk management processes, systems and organisation is routinely reviewed by the board and the Audit Committee which, from time to time, requests independent assessments of the effectiveness of the group’s risk management.

Ultimate accountability for risk management rests with the board which assumes this responsibility by undertaking self audits of compliance, regularly reviewing the group's strategic risks and assessing the effectiveness of management's application of risk management. The objective of these reviews and audits is to ensure sustainability and continuous improvement in the management of risks and that appropriate and timely action is taken in response to inevitable changes in both the external and internal business environments. The board is assisted in this by the executive committee, board sub-committees, external specialists and the internal and external audit functions, as and when required.

Risk management processes, systems and organisation

Implats has adopted and implemented a common risk management methodology. Independent audit has confirmed that the design of Implats’ risk management processes and systems is in line with internationally recognised best practice and that these systems and processes are able to assess all internal and external forms of business risk. A key consideration in the process and system design was to ensure that risk management was integral to the management of the business, with line managers taking full responsibility for the processes and all risks under their control.

There exists only one risk repository for the group, based and designed on the group’s enterprise-wide risk management framework. This approach provides a total view of the business risks facing the group and simplifies the aggregation of risk and the sharing of information and best practice across the group.

Risk management activities in FY2007

As part of the process of continuous improvement and the embedding of risk management within the company, the following activities were undertaken in the period under review:

• The board reviewed the state of all strategic risks.
• Baseline risk assessments were completed for major projects and change initiatives. These are to be updated for the next business plan and incorporated into key business functions such as safety, finance, human resources and capital, procurement, maintenance and production.
• The internal methodology for peer safety reviews was revised and enhanced following a full review of major safety risks across the group. Peer reviews are an additional means of strengthening existing assurance processes for ensuring safe work practices and eliminating injuries at work.
• The functions of risk management and internal audit have been further integrated. The internal audit policy calls for a risk-based approach to all audits. This approach ensures that assurance activities are aligned and prioritised in terms of the risk to the business.
• The group’s risk management report, which is available on the Implats website at www.implats.co.za/risk-report.pdf (PDF - 76KB) was updated.

Insurable risks

The annual external operational review of the risks relating to physical assets and business interruption conducted in late 2006 found that the potential risk of damage to property and interruption to business had reduced for the fourth consecutive year. This annual review assists Implats with the management of its operational risk by helping to achieve the best possible insurance terms and enabling the insurers to better understand how the group manages its risk.

The company has taken steps to ameliorate potential losses by a variety of means. The comprehensive enterprise-wide risk management programme serves to integrate and co-ordinate risk-control activities.

Based on an annual re-assessment of residual risk (that is the risk that is calculated to remain after the implementation of risk control), a review is conducted of the appropriate level of self-insurance. Conventional insurance policies provide cover for the group over and above the group’s level of self-insurance.

Internal control system

The group’s accounting and administrative control systems are designed to provide reasonable assurance that the group’s accounting records accurately reflect that all transactions are executed and recorded in accordance with sound business practices, that assets are safeguarded and that protection is provided against serious risk of error or loss in a cost-effective manner.

Summary of Implats’ strategic risk focus in 2007

The strategic issues that currently face the group and which inform Implats’ business planning, risk management and resource allocation priorities are:

• Managing the uncertainties that may affect the Zimbabwe operations. The group is engaged on an ongoing basis with political leaders, ministries and key-decision makers in that country. To date, satisfactory progress has been made in discussions with political leaders and government, and such interactions and discussions are continuing.
• Developing an organisational strategy that will ensure:
  • The requisite resources, skills and structures are in place to deliver on the growth objectives approved by the board;
  • Continuous improvement in safety, health and environmental performance towards the goal of ‘zero harm’
  • Organisational diversity and improved employee engagement and participation in all business activities; and
  • The company attracts, develops, retains and motivates the requisite management, operational, technical and business skills and pool of talent.
• Ensuring the retention of permission to operate and full legal and regulatory compliance in a continuously changing environment.
• Retaining a focused and sustainable growth portfolio of assets to ensure that the company remains in the top quartile of performers within its areas of core competence.
• Addressing relevant issues regarding corporate responsibility, and being recognised as a good corporate citizen in the countries and communities where the company operates.
• Maintaining reliable and effective production processes and delivering product on time and to specification.
• Protecting and maintaining security and reliability of physical assets.
• Sustaining unit production costs in the lowest quartile of the industry.
• Maintaining effective project management processes and skills to ensure successful project implementation and delivery.
• Maintaining sound and mutually beneficial relationships with the communities in the vicinity of operations and with the general public.
• Retaining process, system and management technology competitiveness.
• Maintaining awareness of and attempting to mitigate the impact of new technological advances adversely affecting the demand for Implats’ products.