Our approach to information technology governance

Our Board is responsible for the governance of information technology (IT) which defines the structures, processes, responsibilities and other mechanisms required to make decisions while considering various stakeholders. This form of governance is guided by the principles outlined in the African Oxygen Limited Board charter for information technology. According to its own analysis, Afrox continues to operate in compliance with King III Chapter 5 requirements.

There were no material changes to policies in 2016 and all major IT projects and initiatives were approved by the Board in adherence to the defined levels of authority for governance. Executive management received regular management reports on progress, risks and deliverables to monitor and align IT activities with the Group’s performance and sustainability objectives. Various projects were executed as part of ongoing cost efficiency and service maintenance programmes which were monitored closely by management committees. The effectiveness of IT and programmes to leverage benefits from the existing IT platform are examples of assessments and actions made.

As part of our continuity planning, Afrox tested our IT disaster recovery in 2016 and it remains compliant with all IT-relevant legislation in South Africa and Emerging Africa.

Ongoing focus continues in the area of IT security and governance. Additional measures introduced in 2015 and user awareness programmes were stabilised in 2016 to support the data security environment. Global security monitoring and compliance intensified through vulnerability assessment programmes, none of which led to material risk areas.

Our IT function received multiple audits in the year, both internal and external, with findings reported to the Audit Committee. No major material findings were reported.


Go to the top