Principles 263. The Board should establish systems for- (a) managing the company’s information assets and the performance of its data functions; (b) ensuring the timeous availability of information through effective information systems; (c) implementing a suitable information security management programme; (d) ensuring that all sensitive information is identified, classified and assigned appropriate handling criteria; (e) […]

Preamble: 261. Disclosure relating to the company and its business in all its varied forms, content, and pitch, explicitness of language, relevance, impact, and accessibility to all stakeholders is pivotal to the culture of building confidence, accountability and trust within the company. Disclosure is necessary for the company to remain trustworthy in the eyes of […]

259. The board should – a) take measures to manage whistle-blowing in terms of set procedures, proper analysis of reports received and acting to correct the misconduct reported upon; b) have a fair system, known to the employees, for dealing with reports from whistle-blowers so that an honest individual does not feel under threat when […]

255. A whistle-blowing system that is independent, trusted and anonymous is key to the effective implementation of an ethical corporate culture and fraud risk management strategy. A whistle-blower provides evidence of a waste of funds or mismanagement. 256. People blow the whistle because they have been unable to approach or to get a response from […]

253. The external auditors should – (a) liaise with Internal audit and risk management committees on the scope and extent of coverage; and (b) report on material weaknesses in financial control and finance management systems, whether from design, implementation or execution perspectives, that result in actual material financial loss, fraud or material misstatements. 254. Management […]

250. Every listed company must put in place a Combined Assurance to – a) coordinate the work of all assurance providers that, either directly or indirectly, provide the board and management with certain assurances; b) provide a communication forum for the work of internal audit, external audit, third party assurance providers and management in support […]

Principles: 245. The Audit Committee should ensure that a combined assurance model is applied to provide a coordinated approach to all assurance activities and that the assurance covers all the significant functions within the organization. 246. The combined assurance model aims to optimize the assurance coverage obtained from management, internal assurance and external assurance providers […]

244. The Board should ensure that – a) it builds and sustains an ethical corporate culture in the company; b) it clearly articulates the ethical standards and ensures that the company takes measures to meet them; c) there is adherence to and measurement of ethical standards in all aspects of the business; d) ethical risks […]

243. The audit committee’s functions vary from company to company but they invariably include the following – a) recommending the nomination and remuneration of external auditors; b) reviewing the audit carried out by external auditors; c) discussing with the external auditors any problems that arise during audits ; d) reviewing the company’s accounting policies and […]

Principles : 240. The Board should establish an audit committee but this will depend on the nature and size of the company and the complexity and diversity of its operations.   241. The audit committee approves the risk based internal audit plan, the annual expenditure and capital budget of the auditing department and evaluates the […]