The Risk Committee (the committee) presents the following report for the 2019 financial year.

Committee Governance


Members of the committee for the financial year under review were independent non-executive directors, Chris Wells (Chairman), Phinda Madi, Harish Mehta and Andrew Waller and executive directors Graham O’Connor and Mark Godfrey.

Phinda Madi retired as a non-executive director and member of the committee on 12 February 2019.

The following changes are noted in respect of the committee for the 2020 financial year:

  • Lwazi Koyana was appointed as a member of the committee with effect from 1 November 2019.
  • Chris Wells will retire as a non-executive director and member of the committee at the 2020 AGM.
  • Marang Mashologu will replace Chris as the Chairperon of the Risk Committee with effect from 1 February 2020.

Members’ qualifications and experience are available here.


The committee met formally twice during the financial year under review. Members’ attendance at meetings are recorded here. Permanent invitees at committee meetings are the Group Risk and Sustainability Executive, the Group Logistics Executive, the Group IT Executive, the Group Internal Audit Manager, the external auditor and the Company Secretary (who also acts as the secretary of the committee).

Evaluation of the committee

The committee conducted a self-assessment evaluation to measure its effectiveness and performance during the financial year under review. There were no concerns were raised with the functioning of the committee nor with the efficiency and competence of its members. The next evaluation will be undertaken in 2021.

Role and responsibilities

The committee’s roles and responsibilities are governed by its terms of reference as reviewed and approved annually by the board. The board has allocated the oversight of risk governance, technology and information governance and compliance governance to the committee.

The committee oversees the company’s risk management, IT and compliance processes to ensure that management identifies potential risks in these areas which may affect the company or its operations. It implements effective policies and plans to mitigate any risks, enhance the company’s ability to achieve its strategic objectives, and support the company in being ethical and a good corporate citizen.

The committee receives feedback on all relevant matters in its terms of reference from the following committees:

  • Audit Committee
  • Social and Ethics Committee

The committee is satisfied that it has fulfilled its responsibilities in accordance with its terms of reference, a copy of which can be found online.

Key focus areas

Risk governance

Kevin O’Brien is the Group Risk and Sustainability Executive and is responsible, together with executive management, for the implementation and execution of the risk management process. An Enterprise Risk Management (ERM) policy and framework is in place and was reviewed during the financial year under review. In keeping with the King IV™ recommendation of providing a combined assurance policy and framework, the committee considered such a policy and framework and approved same at its August 2019 meeting.

Internal audit provides the committee assurance as to whether risk management processes within the group are adequate and effective and makes recommendations on areas where the SPAR risk management processes could be improved.

Focus areas for the 2020 financial year will be to:

  • Conduct a comprehensive risk culture survey. Consider the results of the survey and implement plans to address issues raised with a view to moving the risk maturity of the organisation from a Defined level to a Managed level.
  • Conduct refresher risk workshops with divisional risk champions and departmental risk champions. Conduct comprehensive risk reviews and KPI reviews during these workshops.
  • Hold monthly risk meetings with divisional risk teams to consider performance against risk plans and mitigation plans. Ensure that risk is an item on all divisional executive committee meetings.
  • Constitute a Combined Assurance Forum to monitor the implementation of the combined assurance policy and framework and report on its progress at Risk Committee meetings.
  • Monitor management’s progress on the identification of any new strategic and operational risks identified in terms of the implementation of SPAR South Africa’s reviewed strategic plan.
  • Implement integrated management software to monitor risk, strategy and relevant KPIs.

IT governance

During the financial year under review, Enno Stelma was the Group IT Executive and responsible, together with executive management, for the implementation and execution of effective technology and information management. Enno retired on 30 September 2019 and was replaced by Mark Huxtable.

An IT strategy and governance framework is in place and was reviewed during the financial year under review.

The implementation of the second phase of our modernisation program is progressing well. The SAP Accounts Receivable module went live in the South Rand distribution centre without any problems. The Accounts Payable module is in simulation in the same distribution centre and is expected to go live in November 2019. The rollout of these modules to the other divisions will commence in 2020.

Further investments have been made in the cybersecurity area. An independent organisation was contracted to attempt to penetrate SPAR’s systems with a range of hacking tools. The results of this test were reassuring. Nevertheless, management will remain highly vigilant in this area.

System downtime during the past year was minimal and well within acceptable levels. Quarterly downtime reports were reviewed by the committee.

Focus areas for the 2020 financial year will be:

  • The 2020 financial year will see the rollout of Phase 2 to most of the divisions. The completion of this rollout in 2021 will allow us to decommission our legacy financial systems and a portion of the legacy Supply Chain system.
  • Scope and solution decisions around the third phase will be made in 2020 and the project will begin. The third phase encompasses Supply Chain elements such as Merchandising, Replenishment, Warehouse Management and Transport.

Compliance governance

Mandy Hogan is the Company Secretary and is responsible, together with executive management, for the implementation and execution of effective compliance management. A compliance policy is in place and will be further expanded on during the 2020 financial year to include a formal system to help the company maintain compliance in all areas of its operations. Accordingly, the focus area for the 2020 financial year will be to implement an integrated management software solution to monitor compliance.

In addition to the key focus areas detailed above, the committee received feedback from management on the group’s insurance, operational risk matters (logistic risks, human resource risks, food safety risks, climate change risks and financial risks).

Thanks go to the members of the committee for their dedicated and constructive contributions to its functioning.


Chris Wells
Chairman of the Risk Committee
12 November 2019