The Oil & Gas platform works with some of the world's largest energy and resources companies to engineer, construct, commission and maintain a comprehensive range of infrastructure for energy, chemical, mining and mineral projects... Read more
The Underground Mining platform provides specialist engineering, construction and operational services in the underground environment to the global mining and metals sector...
power & water
The Power & Water platform, which is focused on engineering, procurement, construction and management of projects, offers EPC, as well as operations and maintenance services...
The Group Integrated Assurance Framework coordinates the Group's overall approach to risk management.
This entails identifying, assessing, addressing, monitoring, communicating and reporting Group risk, and includes the process of independently auditing adherence to and implementation of Group policies, standards, plans, procedures, practices, systems, controls and activities to ensure that the Group achieves the level of operational efficiency and compliance required by the Board.
The Board-approved Group Integrated Assurance Policy establishes and mandates the risk management, regulatory compliance and internal audit functions; effectively as the following three pillars of the Group Integrated Assurance Framework.
A high level of risk awareness and mitigation has been embedded in daily management and operational activities. Given the size and complexity of the Group,
Murray & Roberts can never comprehensively eliminate risk from every area of its operations. For this reason, management maintains a planned, coordinated
and structured approach to identify, assess, address, monitor, communicate and report the Group’s large and complex risks. This includes governance structures (such as the Board risk management committee, the executive risk committee and the business platform risk committees), organisational leadership, strategic planning and effective management to ensure that the appropriate operational and functional capacities, as well as controls, systems and processes, are in place to manage and mitigate risk. Underpinning this is the Group Risk Management Framework.
The Group Risk Management Framework constitutes one of three pillars on which the Group Integrated Assurance Framework stands, and aims to:
Align strategy with risk tolerance;
Improve and streamline decision-making which improves the Group risk profile;
Promote the strategic, informed and coordinated procurement of a quality order book;
Ensure equitable commercial terms and conditions are contracted based on a predetermined set of acceptable contracting principles, together with the rational pursuit of commercial entitlement;
Promote early and rigorous project reviews, and timeous responses to projects showing early signs of underperformance;
Promote continuous improvement through the meticulous institutionalisation and rigorous application of key lessons learnt;
Reduce operational surprises, improve predictability and build shareholder confidence;
Build robust organisational risk structures and facilitate timeous interventions, to promote long-term sustainable growth; and
Promote the efficient and proactive pursuit of opportunities.
Regulatory compliance constitutes the second pillar of the Group Integrated Assurance Framework. With the continued growth and expansion of the Group, especially in new geographies and disciplines,
regulatory compliance is a large and complex area to understand. This in turn requires a structured approach to evaluate compliance failures and ensure adequate responses are initiated timeously to mitigate and avoid any negative impact on the Group’s performance.
The regulatory compliance function provides specific focus on regulatory compliance risk within the context of the Group Integrated Assurance Framework. The key imperative of regulatory compliance is to ensure material compliance across the Group with every law, rule, code and standard where non-compliance could
materially impact the Group’s performance and/or continued existence, whether from a financial, legal or reputational perspective.
The implementation of the Group Regulatory Compliance Framework focuses on the seamless
integration of regulatory compliance (with risk management and internal audit) into business
planning, execution and management.
Internal audit is a key element of the Group’s assurance structure, and constitutes the third pillar of
the Group Integrated Assurance Framework. Internal audit has established a robust, risk-based approach to identify the critical risk management control environment which is relied on by management, and which is to be tested and evaluated for the purposes of providing the Board with the risk management and regulatory compliance assurance it requires to meet its governance objectives. Internal audit follows a planning and execution process through which the risk-based approach is delivered in a consistent manner, followed by detailed reporting and issue tracking.
It is through diligent implementation of the Group Integrated Assurance Framework that the critical risk
processes and responses to be included in the internal audit plan are developed. These include
interactions with the Group risk manager and the Group legal executive, and with specific reference to
their respective mitigation objectives, strategies and plans. The audit plan also encompasses the
assessment of Group-wide corporate governance, internal financial controls and risk management
procedures, as well as specific areas highlighted by the audit & sustainability committee, Group executive committee and by executive and operational management for separate and dedicated review.