“You cannot escape the responsibility of tomorrow by evading it today.”

Abraham Lincoln

The Board is responsible for the information technology (“IT”) governance in the Group and management is accountable for operational governance of information technology management.


The IT environment is broadly covered through King III and is fully integrated into the Group’s strategic planning process to ensure strategic, tactical and operational alignment in the achievement of the Group’s objectives. An annual report on IT governance is tabled at the audit and risk committee to address any significant IT investment, risks and matters to be considered to ensure compliance with IT governance. The primary focus is to review and approve the Group’s IT strategy to ensure that there is good governance throughout the IT ecosystem by ensuring the effectiveness and efficiency of the Group’s systems from a strategic alignment and risk perspective.

An integrated approach for IT governance in all the business units has been implemented and all divisions in each subsidiary have followed the Group user policies and security practices within the IT environment. Group synergies are sought in the following areas:

  • Innovation and best practice – the Group collaborates and shares in areas of new skills with further enhancement envisaged in the formation of shared competency groups;
  • People – the continual development of our IT professionals in the Group is critical in a rapidly changing environment with due consideration being given to new appointments for diversity and transformation targets; and
  • Value – key suppliers are sought to optimise procurement and service levels across the Group with shared services where appropriate and new opportunities being investigated.


The world continues to change due to significant trends such as:

  • Mobile devices with pervasive connectivity to the internet as broadband data reduces in price and increases in availability, resulting in new heights of social media interaction on a business and personal level;
  • Cloud computing which provides access to high-level, utility-based, location-independent and capital-light computing resources and agility;
  • An increase in data that needs to be stored, managed and interpreted for business advantage; and
  • The increase in connected devices installed to on-board computers giving rise to the internet of real-time exchange of information between connected devices.


The ever-changing environment brings with it the complexities of managing information risk and the Group is applying the appropriate operational and technology interventions to manage these challenges.

As the Group is dependent on IT to meet its business needs and sustainability objectives, all identified IT risks are monitored and reduced to an acceptable level by executive management. The Group prides itself on the high standard of security monitoring, data protection, business service availability, network reliability and ensures that IT maintenance is performed and reviewed constantly. Although no material risks were reported on during the year under review, we are cognisant of cybersecurity and the implications thereof taking into account the protection of our stakeholders which remains a high priority. We constantly address threats from phishing and other cyberthreats.


The Group’s current focus is maintaining the existing traditional enterprise systems where operational reliability is paramount. The current systems have necessitated the need for enhancements within the Group’s business units and consolidation for improved corporate controls and reporting.

In terms of our Vision 2020 Vision strategy, the Group is looking into the technology landscape and systems taking into account the current systems. An assessment was done for an integrated technology system that would be able to accommodate all Companies within the Group, taking into account the different needs of each individual Company. A system has been identified for the Group with future additional benefits that over time could be implemented through a phased approach.

Key to considering the new technology was the multi-user environment, data being generated in a variety of options thus reducing the risk of errors, audit trails, document managers, improved workflows, multi reviewers, consolidation of information and maintenance costs.

The benefits of the new system over the old system are:

  • Greater automation resulting in improved controls and efficiencies;
  • Real time processing, which means that live data is always available for quicker informed decision-making;
  • Better Customer Relationship Management modules;
  • The interface and software is easier to use;
  • The software can be integrated with our other systems;
  • There are additional add-ons which could be used to lessen the burden on transaction processing, payments, advances and stock control; and
  • A module for storing of data as required by certain regulatory bodies.

Management is currently in negotiation with the service provider to finalise the system for approval by the committee.

Our IT division continues to provide technology enabled solutions which add value to their customers by:

  • Enhancing their current services;
  • Providing productivity solutions to optimise their business activities;
  • Providing integrated business solutions; and
  • Providing consultative advice based on business needs.

The digitised cloud enabled world has many IT products and services readily available for business consumption necessitating additional requirements from the IT divisions for their clients.

The chairman of the audit and risk committee reports to the Board on the activities of the committee at each Board meeting.