Risk management, a Corporate Governance imperative, is one of Management’s core responsibilities in terms of Section 62 of the Municipal Finance Management Act (MFMA) and is an integral part of the internal processes of the Municipality.
It is a systematic process to identify, evaluate and address risks on a continuous basis before such risks can impact negatively on the service delivery capacity of the Municipality. It also focuses on reducing materialized risks to acceptable levels, as well as maximizing opportunities available to the organization. It is council’s position that when the function of Risk Management is properly executed, it will provide reasonable assurance that the institution will be successful in achieving its goals and objectives.
In endeavor to enhance risk management processes by ensuring a truly integrated and enterprise-wide approach, the City has in place an Enterprise Risk Management Policy and Strategy which is reviewed annually. The application and guidance thereof ensures, amongst other things:
- more sustainable and reliable delivery of services;
- informed decisions underpinned by appropriate rigor and analysis;
- reduced waste;
- prevention of fraud and corruption;
- better value for money through more efficient use of resources;
- better outputs and outcomes through improved project and program management;
- aligning risk tolerance and strategy;
- pursuing institutional objectives through transparent identification and management of acceptable risk;
- enhancing risk response decisions and reducing operational surprises and losses;
- Seizing opportunities and increasing the probability of achieving objectives.
This subsection’s key performance areas include:
- Enterprise Risk Management;
- Project Risk Management;
- Fraud Risk Management;
- Business Continuity Management; and
- Legal Compliance Risk Management
The City has in place an Enterprise Risk Management Committee reporting to the Audit Committee, Council and the Municipal Public Accounts Committee (MPAC) as an oversight. Risk Champions in each department report to Management on risk management matters and co-ordinate risk management activities in their respective business units.
Risk Assessments are conducted, reviewed and updated annually and on a continuous basis- and are carried out on both a strategic and operational level to ensure a thorough approach.