Strategic risk management


Risk-based leadership with the Board at its apex is fundamental to Datatec's approach to its operations. In line with the King IVTM Code, the Board governs risk in a way that supports the organisation in setting and achieving its strategic objectives.

Our risk management process

The Group's risk management process has three key steps:

1

Identify key risks – key risks are threats that have the ability to adversely affect the Group’s ability to achieve its objectives and successfully execute its strategies. These are documented in risk registers

2

Implement controls to mitigate risk – monitor through continuous review

3

Obtain assurance that controls are effective – combined assurance programme. Adapt and improve controls where necessary

How do we identify risks

Our risks are identified as threats that can impact the Group's ability to deliver its objectives and its strategy. Our risks are regularly reviewed in the context of our operating environment.

How do we respond to our risks

Our risks are identified as threats that can impact the Group's ability to deliver its objectives and its strategy. Our risks are regularly reviewed in the context of our operating environment.

Risk oversight

RISK MANAGMENT FRAMEWORK


Risk management at Datatec is not viewed as a task that is performed in isolation. It is part of the day-to-day practices and staff at all levels are familiar with Datatec's risk policy. The Board is responsible for Datatec's strategy, leadership and decision-making which are all impacted by risk. Risk-based leadership is therefore fundamental to Datatec.

Board
  • The Board determines the level of risk tolerance and limits of risk appetite are set as part of the strategic direction of the Group
  • The Board is ultimately responsible for the governance of risk
Audit, Risk and Compliance Committee
  • Monitors risk management activities at the Group and subsidiary level on an ongoing basis
Group Chief Risk Officer
  • Ensures that the risk management framework is operating effectively in the divisions
Divisions – divisional boards and executive committees
  • Regularly reviews strategic and emerging risks and identifies and prioritises high-risk areas on risk maps based on impact and likelihood
  • Analyses high-risk areas to identify potential root causes
  • Identifies mitigating controls and associated monitoring/assurance activities for each high-risk area
Head office – Datatec Risk Committee
Divisional Chief Risk Officers
  • Ensures divisional risk procedures are in accordance with and support the Group's risk management framework
  • Oversees management's response to matters identified as requiring improvement

The Board is responsible for approving Datatec's risk appetite and when the risk tolerance is exceeded, it is management's responsibility to take action.

Refer to our operating context for details of our key risks.

Outlined in the risk map below is the risk rating for our top 10 key risks after all measures to mitigate these risks have been applied.

1. Impact of COVID-19
2. Technological market disruption
3. Dependence on key vendors
4. Internal technological risks
5. Dependence on key customers
6. Mismanagement of payment discount, product rebates and allowances
7. Execution risk of major projects
8. Risk of failure to fund working capital needs sufficiently
9. Value generation: disposals and acquisition risk
10. Risk of overdependence on key personnel