Over the last decade, UJ has developed its risk management processes into a sustainable process that plays a crucial role and informs key decisions taken by management.
Risk management is an integral part of the annual performance criteria of the Executive Leadership Group. Each faculty and non-academic/professional support service division is required to analyse, assess, evaluate and rate its operational and strategic risks on a continual basis. Members of the Executive Leadership Group formally evaluate their respective identified risks, the related ratings, internal controls, and mitigating strategies throughout the year, in order to ensure that the risks remain valid and up to date, and to maintain an effective risk management and internal control environment.
Each environment presents its risk register on a rotational basis to the Risk Management Committee (RMC), where they are reviewed, with key risks and their management scrutinised. The internal and external auditors evaluate the listed risks and the risk ratings during each audit. Amendments suggested by the auditors are considered by the RMC. This ensures that the mitigating strategies and internal controls for all the listed risks are continually revised and updated. The minutes of the RMC, as well as the updated Institutional Risk Register, are considered by the Management Executive Committee (MEC), after which the final Risk Register is considered by the Audit and Risk Committee of Council (ARCC), followed by the UJ Council.