Implement action plans and operationalise the business unit assurance forums

ASSESSMENT TYPE:	TAKE-HOME ASSESSMENT (PAPER ONLY)


By submitting this assessment, you acknowledge that you have read and understood all the rules as per the terms in the registration contract, in particular the assignment and assessment rules in The IIE Assessment Strategy and Policy (IIE009), the intellectual integrity and plagiarism rules in the Intellectual Integrity Policy (IIE023), as well as any rules and regulations published in the student portal. INSTRUCTIONS: 1. Please adhere to all instructions. These instructions are different from what is normally present, so take time to go through these carefully. 5. You should paraphrase (use your own words) the concepts that you are referencing, rather than quoting directly. Marks will be awarded for the quality of your paraphrasing. 6. b. The document name must be your Name.Student number.Module Code. c. Once you have completed the assessment, upload your document under the submission link in the correct module in Learn.

Referencing Rubric

Major technical referencing errors: 10% deduction from the overall percentage –the student’s work contains five or more errors listed in the major errors column in the table below.

If both minor and major errors are indicated, then 10% only (and not 5% or 15%) is deducted from the overall percentage. The examples provided below are not exhaustive but are provided to

Consistency

Two book chapters (bibliography) have been referenced in the bibliography in two different formats.

Major inconsistencies.

•Referencing	format	is

technically correct throughout the submission.

•Position of the reference: a reference is directly associated with every concept or idea.

•Position of the references: references are only given at the beginning or end of every paragraph.

•For example, the student has incorrectly presented direct quotes (in-text) and/or book chapters (bibliography/reference list).

•For example, incorrect author information is provided, no year of publication is provided, quotation marks and/or page numbers for direct quotes missing, page numbers are provided for paraphrased material, the incorrect punctuation is used (in-text); the bibliography/reference list is not in alphabetical order, the incorrect format for a book chapter/journal article is used, information is missing e.g. no place of publication had been provided (bibliography); repeated sources on the reference list.

Congruence between in-text referencing and bibliography/ reference list

•There is largely a match between the sources presented in-text and the bibliography.

•For example, a source appears in the text,but not in the bibliography/ reference list or vice versa.

the	in-text	referencing	and	the

In summary: the recording of

complete.

....................................................................................................................................................................................................................................................................................................

© The Independent Institute of Education (Pty) Ltd 2021

SECTION A (MARKS: 60)

Page 3 of 13

19; 20; 21	2021




Source: Bourne, M. 2020. Risk management and the COVID-19 pandemic, ICF Insight, April 28, 2020. [Online]. Available at: [Accessed 12 November 2021].

Q.3.1	The operational risk management process aims to provide a structured approach to risk management. Briefly outline any four components of a typical risk management process.	(4)

Q.3.2		(6)

Q.3.3	Q.3.3 With reference to the above abstract, discuss the ‘total cost-of-risk’ for organisations. Three risk management objectives need to be considered.	(10)

SECTION B (MARKS: 60)
Note: This is an essay question and the following structure should be followed: 1. Introduction The introduction is a summary of what is intended to be discussed. This aspect provides an overview/synopsis of what needs to be discussed. Do not provide too much information in the introduction.

Read the case study below and answer the questions that follow.

What is material in our value-creation process

In appreciating that success comes from creating a “risk aware” and “risk intelligent” organisation, without the right culture and leadership, Telkom could easily become risk averse and lose sight of opportunities that may exist in the market or take more risks than it can bear. The group recognises that to create a positive risk culture, it is important to have the right level of risk leadership and support. Our senior leadership (board, exco and senior management) takes overall ownership of risk management principles. The board is committed to align Telkom’s risk management to good corporate governance and best practice standards, including the Committee of Sponsoring Organisations of the Treadway Commission (COSO) framework.

Our risk management framework defines the processes for effective risk-taking. We are redefining our risk appetite framework and tolerance levels in line with the new federated operating model.

Each business unit has a business unit assurance forum to affect the ERM framework through effective risk management and combined assurance to optimise risk-taking.

The chief risk and compliance officer leads Telkom’s risk community in the ERM forum, which was formed to share best practices and knowledge, and engage and monitor key risks and mitigating plans.

Business units implement the risk strategy and framework and monitor risk mitigation plans.

Our risk and compliance transformation journey
During the year, we embarked on a transformation journey to enhance our risk management approach and framework for the group. We appointed the chief risk and compliance officer who reports to the GCEO and the risk committee, and dedicated risk officers for each business unit. We have moved from a decentralised model to a hybrid operating model.

Below are some of this year’s improvements as part of our journey towards a risk intelligent group: • We conducted a baseline assessment of our group-wide risk management maturity level across the group including a best practice analysis. Thereafter, we developed a robust risk and compliance transformation plan with five strategic pillars to deliver over a six- to twelve- month period.

• We reorganised the ERM unit by creating the corporate ERM function as a CoE.

Source: Telkom SA SOC Ltd, Integrated Report 2018 for the year ended 31 March 2018. [Online]. Available at: [Accessed 12 November 2021]

With reference to the above abstract, discuss some of the risk control measures that Telkom can adopt to mitigate possible risk. Further identify the risk factors outlined in the case study. Recommend risk control measures for each risk factor that may beadopted to eliminate or reduce risk factors.

19; 20; 21	2021

19; 20; 21	2021

Page 12 of 13

19; 20; 21	2021