Material issues, risks and opportunities
Framework and model
The Group has in place an Enterprise Risk Management framework which is based on a combined assurance model comprising: management, external auditors and internal audit. This model and its related activities are structured to ensure that the Group's risks are adequately managed by formulating the Group's strategic imperatives on such.
IDENTIFICATION OF RISKS
Identification of risks is based on:
- the Group's risk bearing capacity (the capacity to absorb losses arising from risks without an immediate threat to the Group's continued existence based on its current business model);
- risk appetite (the amount and type of risk the Group is willing to accept in pursuit of its business objectives); and
- risk tolerance (the acceptable levels of variation relative to the achievement of the Group's objectives).
QUANTIFICATION OF RISKS
Certain financial measures form the basis on which these risks are quantified.
CATEGORISATION OF RISKS
Identified risks are categorised according to:
- inherent risk (a function of their potential impact and probability); and
- residual risk (based on the effectiveness of mitigating controls or responses to address the inherent risk).
The identified risks are encompassed in the following risk categories:
- supply chain disruptions;
- IT infrastructure and network vulnerability;
- loss of quality earnings/revenue/profitability/future growth;
- talent attraction/development/retention;
- brand identity and corporate image; and
- regulatory compliance.
Residual risk heatmap – combined
Below is a summary of the Group's top risks and/or material issues based on their residual risk ratings. A summary of the strategic imperatives related to each risk is provided.
1. Social unrest impacting operations |
Risk description |
|
Mitigating controls |
|
Strategic imperatives |
- Social unrest in the areas in which the
Group operates impacts retail and
manufacturing activities.
- The risk is particularly relevant for
Ceramic Industries’ factories and
TopT retail stores.
- Impacts safety of Group employees and
customers.
|
|
- Business interruption insurance cover in
place.
- The portfolio and marketplace are
analysed on an ongoing basis to ensure
risk is mitigated and targeted property
returns are achieved.
- The Group has a Social Unrest policy in
place primarily focused on the safety of
Group employees and customers.
- Ongoing community engagement and
social economic development activities
conducted in communities in which
we operate.
|
|
- Continuous investment in and
management of relationships with
communities within which we operate.
|
|
|
|
|
|
2. Network penetration |
Risk description |
|
Mitigating controls |
|
Strategic imperatives |
- External penetration of our networks
(including hacking, phishing, etc).
Probability intensified due to increased
web traffic to webstores which are
integrated into SAP, ongoing high profile
hacking incidents internationally (related
to malware), and roll out of wifi solution
for customers in stores.
- Website cloning and rerouting of online
payments gateway via webstores and
new mobile devices with integrated
payment pebble.
- External penetration of Android-based
handheld scanners used in the stores
(including hacking, phishing, etc).
- Increased usage and access points with
roll out of new local stores, East Africa
stores and webstores.
|
|
- Prevented with use of firewalls,
segmentation of network landscape,
implementation of secure socket layer
certificates to encrypt end-to-end data
and graph antivirus solution with
additional patch management control
- User passwords regularly updated.
- Quarterly penetration testing performed
by external service providers.
- Handheld scanners hosted on hidden
network with SSL encryption enabled.
- Cyber insurance in place through
reputable provider.
|
|
- Quarterly review of all network policies
and procedures and network and router
configurations to assess risks in order to
mitigate them.
- A Protection of Personal Information
(“PoPI”) compliance project is ongoing
to assess areas of risk in order to
mitigate them and ensure compliance
with the PoPI Act.
- Heat mapping of internal and external
networks, reviewed on a monthly basis
with senior management.
|
|
|
|
|
|
3. Pace of innovation and agility inadequate |
Risk description |
|
Mitigating controls |
|
Strategic imperatives |
- Pace of innovation with smart scanners
and functionality in stores and online is
not sufficient or fast enough to keep pace
with the market and competitors, and
other disruptive activities.
|
|
- The Group’s Digital Forum meets
regularly to discuss and analyse trends
and disruptive technologies to ensure
that the business is positioned to
respond to or introduce innovation into
its operations.
- Members of Digital Forum attend
relevant conventions and expos.
- Continuous engagement with service
providers.
|
|
- Ongoing research and development
ensuring involvement of key
stakeholders will promote relevance of
technology/application to the needs of
the business.
|
|
|
|
|
|
4. Loss of profitability and/or market share if products do not remain fashionable |
Risk description |
|
Mitigating controls |
|
Strategic imperatives |
- Not remaining fashionable is a major risk
and has significant influence on the
market share enjoyed by the business.
- The risk is especially pertinent for
age group 35 and below.
- Customer expectations not satisfied with
product offering.
|
|
- Regular regional meetings and strategy
sessions held to source insight into
markets, receive product feedback and
communicate fashion trends, product
innovation, merchandise and store
improvements, market analysis
and opportunities for growth.
- There are experienced brand/divisional/
supply chain managers in the business,
who focus on key products and areas.
- Attendance at international trade fairs.
- Ongoing cost/pricing adjustments and
expansion of distribution channels
(eg e-commerce).
- Store displays and trading space
are continually refreshed, and ideas
shared across the Group via various
mediums (eg operations newsletter).
- Ongoing ‘competitor shopping’
undertaken.
- Inventory provisioning process in stores
ensures improved product life cycles.
- BOP utilised to improve in-stock
levels of business critical items, and
management/exit of slow moving
inventory.
|
|
- Work with suppliers and leading experts
to ensure ‘wow’ factor of products and
merchandising.
- Use business information tools to train
and motivate operators to innovate and
pioneer.
- BOP continues to improve product
lifecycles, thereby ensuring constant
responsiveness to evolving fashion.
- Optimal range/pricing structures will
remain a priority.
- The Group’s high standing among
customers is to be maintained by
continuing to deliver an offering in line
with customer demand. In this regard,
continuous improvement in the
approach to product research and
development is crucial.
|
|
|
|
|
|
5. Staff inadequately trained |
Risk description |
|
Mitigating controls |
|
Strategic imperatives |
- Individuals are not adequately trained/
developed, and succession planning may
be inadequate.
|
|
- The Group conducts various training
courses and operates an established
Tiling and Plumbing Academy. Training
spend is significant.
- Divisional management and the
executive directors of the Group are
closely involved in the operations of the
business and regular regional meetings
are held, as well as other regular
interactions.
- The business implements career
advancement training which comprises
its Leadership Development Programme,
Operator Training Programme (“OTP”)
and other university-affiliated courses.
- The Group has a culture of developing
and promoting from within, and various
initiatives and programmes are in place
to foster this.
- Employee engagement surveys are
conducted and reviewed by Group
management.
- E-learning platforms are in place with
Group and retail-specific content.
|
|
- Instil greater retail-specific focus
in training and development
programmes; attract and retain key
talent through promoting business
partnerships; and encourage
commitment to business success
through development programmes and
remuneration and reward strategies.
- OTP will continue to serve as an
important mechanism to build
leadership capacity in the Group.
- Enhanced e-learning initiatives will
improve training in outlying and
rural areas.
- Building of additional capacity in the
Human Resource department with
particular focus on the Group’s three
retail brands.
|