REPORT ON
RISK EXPOSURE ASSESSMENT AND ITS MANAGEMENT
 Good governance is the means of ensuring due and adequate control over the strategy and direction of any organisation.
In terms of section 30 of the Reporting Regulations, management was effective
the duly appointed Vice-Chancellor is responsible for the management and administration of a public higher education institution and the Vice-Chancellor’s report on
management/administration must report on risk exposure, assessment and the management thereof. Section 5.2(j) of the Reporting Regulations also requires each public HEI to include in its Annual Report an institutional Risk Register that documents the critical identified risks; the likelihood of each such risk occurring; an assessment of the identified risk’s potential impact; and the measures put in place to mitigate risks. Section 7 of the Reporting Regulations requires that Council reports on risk management in its report and particularly regarding the following:
• Council is required to make a statement on risk management wherein they comment on how a public HEI has dealt with the issue of risk management. It should provide a statement that the Council is responsible for the total process of risk management as well as forming its opinion on the effectiveness of the process. Council should disclose the system that it has put in place to support its opinion, including independent and objective reviews of the risk management processes within a public HEI
• Make a disclosure confirming that Council maintained a reporting system that enabled it to monitor changes in a public HEI’s risk profile and gain an assurance that risk
• Disclose that a public HEI has and maintains an efficient and effective process of risk management to manage key risks and, accordingly, Council is not aware of any key risk current, imminent or forecasted that may threaten the sustainability of a public HEI
In this regard, the Vice-Chancellor is accountable to the University’s ARCC and ultimately Council for risk management. Based on the need to balance the achievement of specific performance against the need to protect its stakeholders (conformance), the Council of UNIZULU has approved the implementation of an integrated risk strategy and risk management policy as a key component of its Corporate Governance Framework.
Enterprise-wide Risk Management (ERM) is a formal and systematic response to all key risks facing an institution. It is a disciplined and integrated approach that supports the alignment of strategy, process, people, and technology, and allows organisations to identify, prioritise, and effectively manage their critical risks. By understanding all risks in an integrated framework, institutions can execute proper strategies to successfully achieve their objectives and to meet their performance goals. UNIZULU’s proposition is that risk management provides processes and tools that it needs to become more anticipatory and effective at evaluating, embracing and managing the uncertainties that it faces as
  UNIVERSITY OF ZULULAND ANNUAL REPORT 2020
152