The Board is responsible for the governance of risk, therefore approves the risk policy, framework and risk appetite statements that sets the tone for the risk management function at Nampost. The Board delegated the implementation of the risk management policy and framework to the management of Nampost, specifically the Risk Management Department. Therefore, the department is responsible for the risk and business continuity management.
The risk management department facilitates the identification of risks that may have a negative impact on Nampost strategic objectives. These risks range from strategic, operational and project risks both from an internal and an external perspective.
The risks are collated into risk registers that are reviewed monthly by Exco for completeness to ensure that all key and emerging risks are captured and mitigated. In terms of its mandate, the Board also reviews the risk registers on a quarterly basis to ensure completeness and to gauge that those responses are adequate to address the identified risks.
The department also cultivates and enhances the risk management culture through training, as everyone at Nampost is responsible for risk management. This is to ensure that operational risks pertaining to incidents, break down in controls and fraud are pro-actively identified and mitigated at all levels.
The department is also responsible for Business Continuity Management function, to ensure that Nampost can resume operations in the event of a disruption and or disaster.
The risk management function certainly enhances Nampost operational efficiency to ensure that we remain the best at what we do.