Risk Management & Internal Audit

In terms of section 25 of the Technical and Vocational Education and Training Colleges Act (act no. 16 of 2006), as amended by the Technical and Vocational Education and Training Colleges Amendment Act (act 3 of 2012), the Council of Boland College must “implement internal audit and risk management systems which at least are not inferior to the standards contained in the Public Finance Management Act”. Against these requirements, the Boland College Council appointed a full-time Risk Manager and an Internal Auditor to establish the Risk Management and Internal Audit processes.

The Risk Management process commenced in 2010 with a series of workshops, held per business process. In this regard, the Risk Management process took full cognisance of, and built upon the very strong QMS processes at Boland College. A large amount of time and effort was spent during the early stages of the function to ensure everyone at the College understands the process of Risk Management, as well as Internal Audit. The maturity level of the Risk Management process has reached the stage where process owners take responsibility for the management of risks per process. The top strategic risks are presented to Council at the quarterly meetings.

The Audit & Risk Committee

The Audit and Risk Committee is responsible for overseeing the Risk and Internal Audit processes. The success of these two functions are directly related to the support, direction and guidance provided by the Audit and Risk Committee. The continued reports and support adds value, to not only the effective management of a risk or group of risks, but also allows the Audit and Risk Committee to form an opinion on the entire control environment.

The Risk and Internal Audit function has a very consultative and facilitative approach, fully utilising the knowledge of our management and staff and making them part of the process. Business processes are analysed in much detail, based upon the risks identified by the operations personnel. This risk-based approach is therefore extremely efficient and results in Risk Management becoming part of everyday activities.