made significant strides in its commitment to maintaining systems of internal control over financial reporting and the safeguarding of assets against the unauthorised acquisition, use or disposal thereof. Despite this, inherent limitations to the effectiveness of any system of internal control, including the possibility of human error and the circumvention or overriding of controls, exists. Accordingly, even an effective internal control system can provide only reasonable assurance concerning financial statement preparation and the safeguarding of assets. Furthermore, the effectiveness of an internal control system can change according to circumstances.
ANTI-FRAUD INITIATIVES
The whistleblowing service, which is provided by an independent service provider, is a reliable conduit for all stakeholders to anonymously report suspicious transactions or irregularities. Reports are evaluated by the internal auditors and thoroughly investigated, where necessary. Appropriate
remedial action is taken in relevant instances. The internal auditors also continuously assess fraud risks and all matters are reported to ARCC.
ENTERPRISE RISK MANAGEMENT
Enterprise risk has been delegated to the executive management and is addressed at the Risk Management Committee as well as MANCO. The Vice-Chancellor is ultimately responsible to the Council for designing, implementing and monitoring the process of enterprise risk management. Risk management is also a key performance area, both collectively as well as individually for members of the Executive. The Risk Management Framework, approved by Council and monitored through the Office of the Executive Director: Institutional Planning, ensures maintenance of risk registers, compliance with risk mitigation programmes and provides training on enterprise risk management throughout the Institution. ARC reviews that processes and controls are both efficient and effective. Appropriate insurance and risk
  121
UNIVERSITY OF ZULULAND ANNUAL REPORT 2020