2020 INTEGRATED REPORT

The role of the GTSC is to assist and enable the GRC to discharge its responsibilities in relation to the management of Information Technology (IT) delivery and risks. The Committee has an independent oversight role, with delegated responsibility for interrogating and monitoring IT Risks, associated ratings and responses in a manner that promotes engagement between IT and business and to report thereon to the GRC. The Committee must perform all the functions necessary to fulfil this role and is responsible for governing technology and information in a way that supports the organisation setting and achieving its strategic objectives, as set out in the recommended practices under Principle 12 (Technology and information governance) of the King IV Report of Corporate Governance for South Africa, 2016. The Committee is responsible for reviewing the IT Governance Policy (and the underlying IT Policies to which it refers) and for recommending it to the Group Risk Committee for approval. In addition, the Committee has the following specific responsibilities as assigned to it by the GRC, on an ongoing basis: ~ Support IT management by giving guidance and helping to clarify priorities on ICT related issues; ~ Review and annually approve the Group IT Strategy; ~ Review and monitor the supporting management actions, in order to implement the IT strategy in a timeous and cost-effective manner, ensuring that the desired business benefits are realised; ~ Reviewand approve the GroupArchitecture Principles as recommended by the Group Architecture Review Board (ARB); ~ Monitor that effective IT programme/project approval, prioritisation processes, risk management and corporate governance are in place for the PPS Insurance Group; ~ Review the IT strategic and operational risk assessments; ~ Review the IT audits, including, but not limited to: – IT General Controls audits; – Security Audits; – Disaster Recovery audits; – King IV Compliance audits; – IT Service Management (ITIL) audits; ~ Review the Software Development Life Cycle; ~ Reviewmetrics for the measurement of IT Operations (“run environment”) and the IT Build environment (“DevOps”); ~ Review and approve the IT Operating Model structure (organogram); ~ Review and approve the IT skills and transformation strategy (sourcing, retaining, building in redundancy and upskilling); ~ Promote engagement between IT and business within the Group; ~ Assess the impact on IT of current projects (dashboard) and consider which projects are at risk; ~ Review and interrogate feedback from the ARB and the Strategic Change Office for consistency of approach, and to provide insights to management. The GTSC is comprised of i) two independent PPS Insurance non-executive directors and members of the GRC, being the IT specialist GRC member, who is the chairman of the GTSC, and the GRC Chairman, ii) up to two independent technology specialists (who are not members of the Insco Board or GRC) co- opted by the GRC to serve on the Committee and iii) the Group Chief Operating Officer and the Chief Information Officer. Following the resignation of the Chief Technology Officer on 31 January 2020, one of the independent technology specialists, Mr L de Villiers, was appointed as the Acting Chief Information Officer until Mr J P Loubser was appointed as the Chief Information Officer. The GTSC is scheduled to meet at least four times a year. There is overlap in the non-executive membership of the GRC and the GTSC. The GTSC meetings held during the year and the attendance thereat were as follows: Group Technology Steering Committee 12 Feb 2020 11 May 2020 7 Aug 2020 21 Oct 2020 Mr E J S Franklin (Chairman) P P P P Dr A Bachoo (Resigned 31 January 2020) N/A N/A N/A N/A Mr N J Battersby P P P P Mr L de Villiers # P P P P Mr J P Loubser (Appointed 1 August 2020) N/A N/A P P Mr A Nel P P P P Dr J A van der Merwe P P P P # Mr de Villiers attended this meeting in his capacity as the Acting Chief Information Officer, pending the appointment of Mr J P Loubser as Chief Information Officer CORPORATE GOVERNANCE REPORT | 99