Print page Print page Email page Email page Login | Register Login | Register

King III summary

In line with the release of the King Report on Corporate Governance (King III), the group evaluated its readiness to comply during F2010. During the year, a number of gaps were closed out. On the next few pages we provide an update on areas we are still addressing, as well as those we closed out during the year.

  • Update of non-compliances from F2010

    Code of governance principles
     
    Gap identified in F2010
     
    Status
                 
    Board of directors            
    Role and function of the board        
    The board and its directors should act in the best interests of the company.   2.14.3 Directors of the board should be permitted to take independent advice in connection with their duties following an agreed procedure.   Although the directors are permitted to take independent advice, the current process should be formalised.   This will be addressed in F2012.
    The board should elect a chairman of the board who is an independent non-executive director. The CEO of the company should not also fill the role of a chairman of the board.   2.16.1 The members of the board should elect a chairman on an annual basis.   Although the members of the board appoint the chairman and the chairman is evaluated on an annual basis, election only takes place when required.   This will be addressed in F2012.
        2.16.9 The board should ensure a succession plan for the role of the chairman.   Succession planning for the chairman is being considered as part of the current board evaluation.   This will be addressed in F2012.
    The board should appoint the chief executive officer and establish a framework for the delegation of authority.
      2.17.5 The board should ensure succession planning for the CEO and other senior executives and officers is in place.   Although this is currently being assessed internally for senior management and by the external, independent board advisors for the executive directors, there are no formal succession plans in place.   This will be addressed in F2012.
    Director development            
    The induction of and ongoing training and development of directors should be conducted through formal processes.
      2.20 The board should ensure that a formal induction programme is established for new directors.   No formal induction programme in place.   This will be addressed in F2012.
    Company secretary            
    The board should be assisted by a competent, suitably qualified and experienced company secretary.   2.21.6 The company secretary should assist with the director induction and training programmes.   No formal director induction programme is currently in place.   This will be addressed in F2012.
        2.21.13 The company secretary should assist with the evaluation of the board, committees and individual directors.   Evaluations are performed by external service providers, with assistance from the human resources department.   This will be addressed in F2012.
    Performance assessment            
    The evaluation of the board, its committees and individual directors should be performed every year.
      2.22.5 The nomination of the re-appointment of a director should only occur after the evaluation of the performance and attendance of the director.   This process needs to be adopted.   Partially compliant, with further action recommended.

    The directors who are being offered for re-appointment have been evaluated in the current year for performance and attendance. This needs to be formalised to ensure it takes place annually.

    Board committees            
        2.23.9 Committees should be free to take independent outside professional advice at the cost of the company, subject to an approved process being followed.   Although general authority is granted, a formal process is not in place.   This will be addressed in F2012.
    Audit committees            
    Membership and resources of the audit committee        
        3.2.6 The committee should be permitted to consult with specialists or consultants, subject to a board-approved process.   Although the committee is aware that it may engage with specialists, this process is not formalised or approved by the board.   This will be addressed in F2012.
    The governance of risk            
    The board’s responsibility for risk governance        
    The board should be responsible for the governance of risk.   4.1.1 A policy and plan for a system and process of risk management should be developed.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.1.4 The induction and ongoing training programmes of the board should incorporate risk governance.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.1.6 The board should approve the risk management policy and plan.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.1.8 The board should review the implementation of the risk management plan at least once a year.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.1.9 The board should ensure that the implementation of the risk management plan is monitored continually   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

    The board should determine the levels of risk tolerance.   4.2.1 The board should set the levels of risk tolerance once a year.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.2.2 The board may set limits for risk appetite.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.2.3 The board should monitor that risks taken are within the tolerance and appetite levels.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

    The risk committee or audit committee should assist the board in carrying out its risk responsibilities.   4.3.2.1 The risk committee should consider the risk management policy and plan and monitor the risk management process.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed and the formal policy needs to be signed off by the board.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year, but the policy needs to be ratified by the board.

        4.3.3 The performance of the committee should be evaluated once a year by the board.   The board does not formally evaluate the performance of the risk committee. The effectiveness of the main board has been assessed, but not its sub-committees.   This is currently being addressed.
    Risk assessment            
    The board should ensure that frameworks and methodologies are implemented to increase the probability of anticipating unpredictable risks.
      4.6.1 The board should ensure that a framework and processes are in place to anticipate unpredictable risks.   Although a formal risk identification and mitigation strategy is in place to identify any gaps, a strategic risk assessment is not in place.   Partially compliant, with further action recommended.

    The group risk officer provides information to the risk committee on which risks have been identified as key risks within the industry and globally. This is done through research as well as through surveys. However, a strategic review needs to be performed.

    Risk response            
    The board should ensure that management considers and implements appropriate risk responses.   4.7.2 Management should demonstrate to the board that the risk response provides for the identification and exploitation of opportunities to improve the performance of the company.   Although the board is apprised of the key risks facing the group and a formal risk-bearing capacity process has been implemented, key risk indicators and dashboards need to be developed.   Partially compliant, with further action recommended.

    A risk tolerance framework and model was developed for the group during this financial year. The key risk indicators and dashboards will be developed within the next financial year.

    Risk monitoring            
    The board should ensure continual risk monitoring by management.   4.8.2 The responsibility for monitoring should be defined in the risk management plan.   A policy and a plan for a system and process of risk management has been developed but must still be presented to the board. The responsibilities for monitoring are included within the plan.   This is currently being addressed.
    The governance of information technology        
    The board should monitor and evaluate significant IT investments and expenditure.   5.4.3 The board should obtain independent assurance on the IT governance and controls supporting outsourced IT services.   Although the full service and support IT functions are outsourced, with a master agreement that governs the outsourced relationship and a service level agreement (SLA) that governs performance expectations, independent assurance has not been obtained.   This will be considered in F2012 with the implementation of a steering committee.
    Compliance with laws, rules, codes and standards        
    The board and each individual director should have a working understanding of the effect of the applicable laws, rules, codes and standards on the company and its business   6.2.1 The induction and ongoing training programmes of directors should incorporate an overview of and any changes to applicable laws, rules, codes and standards.   Although the board is informed of relevant laws, rules, codes and standards, including changes, this is not currently done as part of their induction. No formal induction programme is currently in place.   This will be addressed in F2012.
    The board should delegate to management the implementation of an effective compliance framework and processes.   6.4.4 Management should establish the appropriate structures, educate and train, and communicate and measure key performance indicators relevant to compliance.   In the year under review, an electronic compliance system was introduced into the group and was rolled out in the human resources, safety and health and environment compliance sectors in all local business units, excluding the Construction Materials cluster.   Partially compliant, with further action recommended.

    Although the appropriate structures of education, training and communications are in place, the measurements of the key performance indicators relevant to compliance need to be confirmed.

    Governing stakeholder relationships        
    Dispute resolution            
    The board should ensure that disputes are resolved as effectively, efficiently and expeditiously as possible.
      8.6.1 The board should adopt formal dispute resolution processes for internal and external disputes.   Although a crisis communications plan is in place to ensure that any emergency is communicated appropriately, with internal disputes managed through formal procedures determined by the human resources department and external disputes addressed relevant to each situation, a formal dispute resolution process has not been adopted by the board. The group has attempted to address this by inserting ADR clauses in contracts.   This will be addressed in F2012.
  • Closing out non-compliances from F2010

    Below we outline areas where we addressed non-compliances from last year and when in the year this came into effect.

    Code of governance principles
     
    Gap identified in F2010
     
    Status
    Board appointment process            
    Directors should be appointed through a formal process.
      2.19.3 The appointment of non-executive directors should be formalised through a letter of appointment.   Although the appointment is formalised through the nominations committee, no formal letter is provided.   The newly appointed nonexecutive directors received a formal appointment letter in August 2011.
    Director development            
        2.20.4 The board should ensure that directors receive regular briefings on changes in risks, laws and environment.   Although certain internal awareness training has been performed, this process needs to be further improved.   Internal awareness training was delivered during the year on matters which could have a material effect on the group.
    Company secretary            
        2.21.11 The company secretary should assist in drafting yearly work plans.   The company secretary currently does not draft annual work plans.   The company secretary assisted in the second half of the year with the drafting of the F2012 annual work plan.
    Board committees            
    The board should delegate certain functions to well structured committees without abdicating its own responsibilities.
      2.23.5 Companies should establish an audit committee and define its composition, purpose and duties in the Memorandum of Incorporation.   Although the group has an established audit committee with defined terms of reference, these terms need to be defined within the Memorandum of Incorporation.   In terms of Section 94(2) of the Companies Act 2008, this requirement is not applicable to the subsidiary companies of the group.

    The group has appointed an audit committee with defined terms of reference at group level.

    We complied with this for the full year.

    Audit committees            
    Membership and resources of the audit committee        
    Audit committee members should be suitably skilled and experienced independent non-executive directors.   3.2.1 All members of the audit committee should be independent non-executive directors   MR Upton is an executive member and a member of the audit committee.   The members of the audit committee are non-executive directors. We complied for the full year.
    Internal assurance providers        
    The audit committee should be responsible for overseeing of internal audit.
      7.4.5 The audit committee should be responsible for the appointment, performance assessment and/or dismissal of the chief audit executive (CAE).   Although feedback on performance is provided by the chairman of the audit committee, performance management is conducted by the CFO. The appointment of the current CAE was made with input from both the CFO and the chairman of the audit committee.   Input from the chairman of the audit committee was obtained and this was included in the internal audit charter. We complied for the full year.
    The governance of risk            
    The board’s responsibility for risk governance        
        4.1.5 The board’s responsibility for risk governance should manifest in a documented risk management policy and plan.   Although a risk policy has been developed and implemented within the group, a documented risk plan is not available.   The board’s responsibility for risk is documented within the board charter and risk committee terms of reference and was presented to the board and approved in the last quarter of the year.
    Risk assurance            
    The board should receive assurance regarding the effectiveness of the risk management process
      4.9.2 Internal audit should provide a written assessment of the effectiveness of the system of internal controls and risk management to the board.   Although internal audit provides written confirmation on internal controls through its reports to the audit committee in which each business is rated in terms of performance with respect to their control environment, the effectiveness of risk management is not expressly confirmed by the internal audit department.   The internal audit department audited the risk management processes and systems and the audit report was presented at the risk committee. This was complied with in the fourth quarter of the year.
    The governance of information technology        
    The board should delegate to management the responsibility for the implementation of an IT governance framework.
      5.3.2 The board may appoint an IT steering committee of similar function to assist with its governance of IT.   There is currently no IT steering committee in place within the group.   The IT steering committee was formed in the third quarter of the financial year.
    Compliance with laws, rules, codes and standards        
        6.4.3 Compliance with laws, rules, codes and standards should be incorporated in the code of conduct of the company.   Although the group currently has a formal code of conduct (the code of ethics), compliance with laws, rules, codes and standards are not expressly stated.   The group has a formal code of conduct, the code of ethics, in which compliance with laws, rules, codes and standards are expressly stated. We complied with this for the full year.
    Internal audit            
    Internal audit’s approach plan        
    Internal audit should follow a risk-based approach to its plan.   7.2.3.1 Internal audit should be an objective provider of assurance that considers the risks that may prevent or slow down the realisation of strategic goals.   Although rigorous and entrenched risk management processes are in place, further emphasis needs to be placed on providing assurance on the alignment of the group strategic goals and objectives to the risks facing the group.   The internal audit department reviewed the group-wide risk management process during the fourth quarter of the year. Alignment of group strategic goals and objectives to the risks facing the group is planned for the new financial year.
        7.2.3.2 Internal audit should be an objective provider of assurance that considers whether controls are in place and functioning effectively to mitigate these.   Although controls are in place, the review of the risk management process will include an assessment of controls and an assurance of opportunities available to the group.   Review of the risk management process was undertaken in the fourth quarter of the year and recommendations made are currently being actioned by the risk department.
        7.2.3.3 Internal audit should be an objective provider of assurance that the opportunities that will promote the realisation of strategic goals are identified, assessed and effectively managed by the company’s management team.   They are independent assurers, but have not been strictly focusing on opportunity management.   Review of the risk management process was undertaken in the fourth quarter of the year and recommendations made are currently being actioned by the risk department.
    The audit committee should be responsible for overseeing internal audit.   7.4.5 The audit committee should be responsible for the appointment, performance assessment and dismissal of the CAE.   Although feedback on performance is provided by the chairman of the audit committee, performance management is conducted by the CFO. Appointment of the current CAE was made with input from both the CFO and the chairman of the audit committee.   Input from the chairman of the audit committee obtained and this was included into the internal audit charter. We complied for the full year.

    All sections of the “King Report on Governance for South Africa” and the “King Code of Governance Principles” have been reproduced with kind permission of the Institute of Directors.

back to top ^

Register

Please enter login details


Login

Please enter login details

Page saved successfully

We've successfully saved this page to your bookmarks. You can see your bookmarks, manage them clicking on the link below.

Add a new note

Use the form below to add a new note to the page: