Sasol Integrated Report 2024 - Book - Page 31
INTRODUCTION
ABOUT SASOL
STRATEGIC OVERVIEW
BUSINESSES
ESG
DATA AND ASSURANCE / ADMINISTRATION
REMUNERATION REPORT
RISK MANAGEMENT continued
RISK MANAGEMENT IS INTEGRATED INTO OUR DECISION-MAKING PROCESSES AND DAILY OPERATIONS
continued
INTERNAL CONTROL FRAMEWORK AND ASSESSMENT
Promoting a strong risk culture
We promote a risk aware culture where risk management is embedded into
how we manage and run the business, and into key decision making processes.
Leadership commitment
Senior leaders demonstrate a strong commitment to risk management, setting a clear
example for the rest of the organisation.
Clear communication
Regular and effective risk reporting through our governance structures which aligns with
the strategic objectives and Group top priorities. Foster an environment where employees
feel safe reporting risks or potential issues without fear of reprisal.
Training and awareness
Provide risk management training and awareness programmes to ensure employees
and other stakeholders understand their role in managing risks.
The Board, with the support of the Audit
Committee, is ultimately responsible for Sasol’s
system of internal control, designed to identify,
evaluate, manage and provide reasonable
assurance against material misstatement
and loss. We apply a Combined Assurance Model
approach, which seeks to optimise the assurance
obtained from management as well as internal
and external assurance providers while fostering
a strong ethical context and mechanisms to
ensure compliance.
OUR COMBINED ASSURANCE MODEL
Accountability
Establish clear accountability and ownership on risks and key responses for managing risks
across all levels of the organisation.
MANAGEMENT
Process embedding
Ensure risk assessments and management of key responses are embedded into key business
processes, such as strategic planning, project management and operational procedures.
Automated tools
Utilise technology and automated tools to integrate risk management activities seamlessly
into daily operations.
Regular risk assessments
Conduct regular reviews, update management plans to reflect the current operating
environment and emerging risks.
Governance and oversight of risk management
We follow an integrated risk governance process to ensure that decisions are aligned with our strategic
intent and execution. This enables coordination and management of risk across our organisation with
dedicated oversight by the Board of Directors, Board Committees and Group Executive Committee.
The Board is ultimately accountable for the governance and management of risk in Sasol.
• It sets the Group risk appetite and risk tolerance limits to sustain and grow the business,
and plays a pivotal role in ensuring appropriate key responses to the Group top risks (GTRs).
• It assesses the effectiveness of the risk management process, completeness and adequacy
of our GTRs.
• The various Board Committees assist the Board in giving effect to its accountability. In line with
their terms of reference, they assist the Board in governing the GTRs assigned to them
and ensuring adequate and appropriate assurance over key responses, in line with our
Combined Assurance Model (CAM).
INTERNAL
ASSURANCE
PROVIDERS
EXTERNAL
ASSURANCE
PROVIDERS
Through the Risk Policy and strategic intent of risk
management approved by the Board, management
identifies material risks facing Sasol and
implements the necessary internal controls.
The process is monitored and evaluated under
the direction of Sasol Assurance Services, while
external audit teams cover key controls and
accounting matters in the course of their audits.
Other levels of external assurance are obtained
as and when required.
With respect to the financial year ended
30 June 2024, management has identified material
weaknesses in internal control over financial
reporting due to:
• Risk assessment – lack of effective period
risk assessment processes to identify and
timely respond to emerging risks in financial
reporting processes.
www
• Design and operating deficiencies which
resulted from insufficient evidence of
management review and performance of control
procedures, including the level of precision
in the execution of controls and procedures
to ascertain completeness and accuracy of
information produced by the company.
• Information Technology General Controls
(ITGC) in Sasol Germany and Sasol Italy did not
operate effectively for the entire financial year.
• Revenue recognition – failure in the operation
of the Company’s internal financial controls
over revenue recognition in Sasol Oil.
Management strives to continuously improve the
diligence in the identification and documentation
of key controls. Management initiated remedial
measures to further enhance its processes and
controls over financial reporting and is actively
engaged to formulate a comprehensive plan
for remediation of the material weaknesses.
Notwithstanding the deficiencies in the
Company’s internal control over financial
reporting, the Committee believes that the
consolidated annual financial statements
present fairly, in all material respects, the
Company’s and Group’s financial position,
results of operations and cash flows as of
and for the periods presented in accordance
with IFRS, as issued by the IASB.
Refer to the report from the Audit Committee in the Annual Financial Statements regarding the material weaknesses
identified, available on our website www.sasol.com
SASOL INTEGRATED REPORT 2024
29
