Strate
Contact Us
Glossary
Sitemap
Skip Navigation Links
Home
About Strate
Products and Services
Publications / Media
Rules & Regulations
Supervision
Training & Exams
HomeAbout StrateOverviewRisk Management 
Search
 
Overview
Who & What is Strate
Benefits of Strate
History of Strate
Board & Shareholders
Corporate Governance
Management Structure
Internal Controls & Management
Risk Management
Business Continuity Management
International Benchmarks & Standards
Regional Association Memberships
Transformation
Caring for People
Dematerialisation
 

Risk Management

Enterprise Risk Management (ERM) at Strate comprises:
  • The Risk Management function;
  • Business Continuity Management (including Disaster Recovery);
  • Information Security; and
  • The Internal Audit program which uses a combination of external (inter alia Pricewaterhouse Coopers) and independent internal resources (Process Assurance)

The ERM Division effectively co-ordinates and manages the overall risk management program for Strate by:
  1. Assisting each division within the company to identify, assess and measure risks according to the probability (or likelihood) of occurrence and the potential impact that the identified risk may have. A process-based ERM framework which is linked to Strate's strategic objectives has been defined for this purpose;
  2. Assisting divisions in undertaking an initial assessment of the effectiveness of relevant controls identified to mitigate the specific risks. These assessments drive regular risk reporting through the Management Team to the Audit and Risk Committee and ultimately the Board of Directors who measure risk exposure against pre-determined risk tolerances and the management actions being taken to bring specific risk exposures back to within acceptable levels of tolerance;
  3. Identifying risk-based focus areas for independent review in terms of the Internal Audit plan;
  4. Coordinating a comprehensive risk review in respect of each and every new product/service under development by Strate; and
  5. Ensuring that all system enhancements/changes are channeled through an effective Change Advisory Board and that the underlying Change Control and Release Management processes are followed in accordance with a defined and documented System Development Life Cycle (SDLC). A risk review is undertaken of each change / enhancement to ensure a comprehensive understanding of the likely impact and that the necessary /appropriate controls have been incorporated prior to implementation.
 
Home
Contact Strate
Glossary
Sitemap