IN THIS SECTION
About us
Contact Person

Pieter van Dam
Group executive responsible for risk management
+27 11 456 1004
pieter.vandam@murrob.com

Pieter  van Dam

INTEGRATED ASSURANCE FRAMEWORK

The Group Integrated Assurance Framework coordinates the Group's overall approach to risk management. This entails identifying, assessing, addressing, monitoring, communicating and reporting Group risk, and includes the process of independently auditing adherence to and implementation of Group policies, standards, plans, procedures, practices, systems, controls and activities to ensure that the Group achieves the level of operational efficiency and compliance required by the Board.

The Board-approved Group Integrated Assurance Policy establishes and mandates the risk management, regulatory compliance and internal audit functions; effectively as the three pillars of the Group Integrated Assurance Framework.

RISK MANAGEMENT

A high level of risk awareness and response has been embedded in daily management and operational activities. Given the size and complexity of the Group, Murray & Roberts acknowledges that risk can never be fully eliminated. For that reason, management has designed and implemented a planned and structured approach to identify, assess, address, monitor, communicate and report the Group's large and complex risks. This includes governance structures (such as the Board risk management committee, the executive committee and the operating platform risk committees), organisational leadership, strategic planning and effective management to ensure that the appropriate operational and functional capacities, as well as controls, systems and processes are in place to manage risk. Underpinning this is the Group Integrated Assurance Framework.

The Group Risk Management Framework constitutes one of three pillars on which the Group Integrated Assurance Framework stands, and aims to:

Align strategy with risk tolerance;
Improve and streamline decision-making which improves the Group risk profile;
Promote the strategic, informed and coordinated procurement of a quality order book;
Ensure equitable commercial terms and conditions are contracted, together with the rational pursuit of commercial entitlement;
Promote early and rigorous project reviews, and timeous response to projects showing signs of distress;
Promote continuous improvement through the application of key lessons learnt;
Reduce operational surprises, improve predictability and build shareholder confidence;
Build robust organisational risk structures and facilitate timeous interventions, to promote long-term sustainable growth; and
Promote the efficient and proactive pursuit of opportunities.

REGULATORY COMPLIANCE

With the continued growth and expansion of the Group, especially in new geographies and disciplines, regulatory compliance is a large and complex area to understand. This in turn requires a structured approach to evaluate compliance failures and ensure adequate responses are initiated timeously to mitigate and avoid any negative impact on the Group's performance. The regulatory compliance function provides specific focus on regulatory compliance risk within the context of the Group Integrated Assurance Framework.

The key imperative of regulatory compliance is to ensure material compliance across the Group with every law, rule, code and standard where non-compliance could be materially injurious to the Group's performance and/or continued existence, whether from a financial, legal or reputational perspective.

The implementation of the Group Regulatory Compliance Framework focuses on the seamless integration of regulatory compliance (with risk management and internal audit) into business planning, execution and management.

INTERNAL AUDIT

Internal audit is a key element of the Group's assurance structure, and constitutes the third pillar on which the Group Integrated Assurance Framework stands. Internal audit has established a robust, risk-based approach to identify the critical risk management control environment which is relied on by management, and which is to be tested and evaluated for the purposes of providing the Board with the risk management and regulatory compliance assurance it requires to meet its governance objectives. Internal audit follows a planning and execution process through which the risk-based approach is delivered in a consistent manner, followed by detailed reporting and issue tracking.

It is through diligent implementation of the Group Integrated Assurance Framework that the critical risk processes and responses to be included in the internal audit plan are developed. These include interactions with the Group risk executive and the Group legal executive, and with specific reference to their respective mitigation objectives, strategies and plans. The audit plan also encompasses the assessment of Group-wide corporate governance, internal financial controls and risk management procedures, as well as specific areas highlighted by the audit & sustainability committee, Group executive committee and by executive and operational management for separate and dedicated review.

For more information about our Group risks and risk management practices, see our online integrated report.