109 | Corporate governance report PPS Integrated Report 2021 The role of the GTSC is to assist and enable the GRC to discharge its responsibilities in relation to the management of Information Technology (IT) delivery and risks. The Committee has an independent oversight role, with delegated responsibility for interrogating and monitoring IT Risks, associated ratings and responses in a manner that promotes engagement between IT and business and to report thereon to the GRC. The Committee must perform all the functions necessary to fulfil this role and is responsible for governing technology and information in a way that supports the organisation setting and achieving its strategic objectives, as set out in the recommended practices under Principle 12 (Technology and information governance) of the King IV Report of Corporate Governance for South Africa, 2016. The Committee is responsible for reviewing the IT Governance Policy (and the underlying IT Policies to which it refers) and for recommending it to the Group Risk Committee for approval. In addition, the Committee has the following specific responsibilities as assigned to it by the GRC, on an ongoing basis: ~Support IT management by giving guidance and helping to clarify priorities on ICT related issues; ~Review and annually approve the Group IT Strategy; ~Review and monitor the supporting management actions, in order to implement the IT strategy in a timeous and cost-effective manner, ensuring that the desired business benefits are realised; ~Reviewand approve the GroupArchitecture Principles as recommended by the Group Architecture Review Board (ARB); ~Monitor that effective IT programme/project approval, prioritisation processes, risk management and corporate governance are in place for the PPS Insurance Group; ~Review the IT strategic and operational risk assessments; ~Review the IT audits, including, but not limited to: – IT General Controls audits; – Security Audits; – Disaster Recovery audits; – King IV Compliance audits; – IT Service Management (ITIL) audits; ~Review the Software Development Life Cycle; ~Reviewmetrics for the measurement of IT Operations (“run environment”) and the IT Build environment (“DevOps”); ~Review and approve the IT Operating Model structure (organogram); ~Review and approve the IT skills and transformation strategy (sourcing, retaining, building in redundancy and upskilling); ~Promote engagement between IT and business within the Group; ~Assess the impact on IT of current projects (dashboard) and consider which projects are at risk; ~Review and interrogate feedback from the ARB and the Strategic Change Office for consistency of approach, and to provide insights to management. The GTSC is comprised of i. two independent PPS Insurance non-executive directors and members of the GRC, being the IT specialist GRC member, who is the Chairman of the GTSC, and the GRC Chairman; ii. up to two independent technology specialists (who are not members of the PPS Insurance Board or GRC) co-opted by the GRC to serve on the Committee; iii. the Group Chief Operating Officer and the Group Chief Information Officer. The GTSC is scheduled to meet at least four times a year. There is overlap in the non-executive membership of the GRC and the GTSC. The GTSC meetings held during the year and the attendance thereat were as follows: Group Technology Steering Committee 10 Feb 2021 5 May 2021 23 June 2021 10 Aug 2021 13 Oct 2021 Mr E J S Franklin (Chairman) P P P P P Mr N J Battersby P P P P P Mr L de Villiers P P P P P Mr J P Loubser P P P P P Mr A Nel P P P P P Dr J A van der Merwe P P AP P P AP = Apology
RkJQdWJsaXNoZXIy NzI4MzY4