The board, supported by the audit committee, is ultimately responsible for Exxaro's system of internal controls, which has been designed to evaluate, manage and provide reasonable assurance against material misstatement and loss.
We apply a combined assurance model to optimise assurance by management, as well as internal and external providers, while fostering a strong ethical climate and mechanisms to ensure compliance.
Using our board-approved ERM approach, management identifies key risks facing Exxaro and implements the necessary internal controls our business risks and opportunities with comparable information for trend analysis where possible.
The board and audit committee assessed the effectiveness of controls for the year ended 31 December 2021 as satisfactory, principally through a process of management self-assessment (including formal confirmation by executive management), reports from internal audit, independent external audit and other assurance providers.
Exxaro defines assurance broadly to cover all sources, including external assurance, internal audit, management oversight and regulatory inspections.
Our combined assurance model includes and optimises all assurance services and functions to collectively provide an effective control environment and support the integrity of information used for internal decision making by management, the board and its committees, and in our external reports including:
The forum's activities and outcomes of assurance reports are presented quarterly to the audit committee.
For the year under review, the sources, level and focus area of assurance, commissioned and performed, are summarised below.
|Selective non-audit services||PwC||3||Yes||Yes|
|Environmental liability provisioning||PwC||3||Yes|
|Mining rights and environmental legal compliance||Inlexso||3||Yes|
|B-BBEE dtic code compliance||Empowerdex||3||Yes||Yes|
|Mining Charter III compliance||Ngubane||3||Yes||Yes|
|Insurance risk surveys||IMIU||3||Yes|
|Major and mega capital projects||EY||3||Yes||Yes|
|Mineral Resources and Mineral Reserves statement||EY||3||Yes|
|Governance, risk and internal controls||EY||3||Yes||Yes|
|ISO and OHSAS certifications||Various||3||Yes|
The total number of findings raised since 2018 is 664. As at 31 December 2021, there was a total of 343 findings that had been successfully resolved leaving a total of 321 open findings. There is currently a total of 44 findings where follow-ups are in progress by internal audit and 45 findings where management is implementing corrective actions within the agreed timelines. In addition, there are 231 findings that are "ready for audit" (a three-month "waiting" period is applied before performing follow-up procedures for the control to be fully embedded). The split by status of findings is depicted in the chart below.
|Current period reporting|
|Status of findings||Internal
|Total for the
|Follow-up in progress||44||0||44|
|Ready for audit||67||164||231|
Overdue findings have been classified by ratings assigned in the final audit report and split into audit source below.
|Audit source||Level 1
|Other assurance providers||0||0||0||0||0|