A Review of Risk Management Planning and Reporting in South Africa’s Public Institutions

  • Tankiso Moloi University of Johannesburg, Department of Accountancy, Johannesburg
Keywords: enterprise risk management, risk planning, risk reporting, public institutions

Abstract

This exploratory work attempts to review the risk management planning and reporting practices applied in South Africa’s public institutions by defining variables that were deemed indicators of risk management planning and reporting practices, namely: the timing of the institutions’ strategic and combined assurance planning, documentation and active management of risks appearing in strategic risk registers and operational risk registers and the availability of risk management software (including its nature and usefulness).
The results point to the fact that there is confusion regarding the timing of both strategic and combined assurance planning sessions. Some institutions conduct these in the preceding year, whereas others appear to be conducting these during the year of implementation. Results further suggest that the practice of implementing combined assurance has not yet been embedded in the majority of public institutions, pointing to uncoordinated assurance activities that could lead to ‘assurance fatigue’. Results further point to the fact that there are still public institutions that are unable to prepare the strategic and operational risk registers. This raises the question of how these risks are managed if they have not been measured and documented.

Published
2017-06-30
How to Cite
Moloi, T. (2017). A Review of Risk Management Planning and Reporting in South Africa’s Public Institutions. Central European Public Administration Review, 15(2), 79–92. https://doi.org/10.17573/ipar.2017.2.03
Section
Articles