Your freight logistics and shipping service provider

Risk management

Click here for more information on Risk Management

The board is ultimately responsible for governing risk management processes in accordance with corporate governance requirements and discharges this duty through the Risk Committee.  The Risk Committee is constituted as a committee of the board and consists of four non-executive directors (of whom three are independent) and the five executive committee members. The Risk Committee reviews the group’s risk management processes and approves the group risk management plan for the ensuing year. The Risk Committee reviews and assesses the risk tolerance levels relative to specific risks in addition to the assessment, monitoring, reviewing and managing of risks.

Appropriate risk management measures, which include accountability for risk management as a key performance area of line managers, exist throughout the group to counter significant business risks which could undermine the achievement of business objectives. Policies and guidelines on risk management and control support management in discharging its risk responsibilities. Risk management processes within the group are based on the ISO 31000 standard for risk management, with the effectiveness of risk management efforts being assessed by internal and external assurance providers in terms of the group’s combined assurance model.

The group’s executive management encourages a risk-conscious business culture by embedding agreed internal controls and mitigating actions through all levels of management and supervisory staff.


Risk management framework


The Grindrod risk management framework, which reviews identified risks and accounts for new and emerging risks, is supported by continuously updated operational risk registers. The effectiveness of this framework is reviewed by the internal audit function.

High-level strategic and external risks are assessed by the Risk Committee, with executive and operational management being responsible for the continuous identification, assessment, mitigation and management of risks within their areas of operation.


Risk management process


Risk management processes are designed to identify, quantify, prioritise, respond to and monitor the consequences of an agreed risk schedule that encompasses both internal and external risks. The process also promotes the ownership of risk areas and risk management accountability within the group.

Identified risks are evaluated in terms of the potential impact and probability in terms of the likelihood of occurrence. Areas include the risk of harm to people and environment, business interruption, financial loss, legislative and regulatory compliance and reputational risks. The impact and probability evaluations establish the basis for determining the inherent risks and their significance to the business. Residual risk is determined based on the risk mitigation plans developed and implemented by management. Details of the key risk areas are included here.

The internal audit charter provides for an internal audit plan that is aligned with the risk framework. The Risk Committee reviews the effectiveness of both the processes and procedures adopted by management for identifying, assessing and reporting on significant business risks, and the roles of assurance providers with respect to risk management.


Internal control


Grindrod’s systems of internal control and governance structures are integral to the effective management of risk. These systems and structures, which make provision for appropriate delegation of authority to support the control environment, are subject to independent review by internal audit and external assurance providers.




Grindrod undertakes regular risk-control reviews of the group’s operations when procuring insurance cover for unplanned asset losses, liability exposure, fidelity, business interruption and other operational risks.