Information and technology committee REPORT
“As a technology services business, we were called upon to ensure business continuity as we navigated the disruption caused by COVID-19. Our ICT capability ensured that our employees were able to function at high productivity levels as they transitioned to remote working with enhanced levels of security against increasing cyber threats. The newly approved Group IT strategy for 2021 will support the restructured business model and ensure an integrated approach to the strategic and tactical ICT objectives of the EOH Group.”
Focus for 2021
- Enabling execution of the Group business strategy through the provision of strategic and tactical IT support
- Delivery on approved Group IT strategy
- Control cost of ownership
|Ismail Mamoojee||Non-executive Director and Chairperson of the committee|
|Dr Lynette Moretlo Molefi||Non-executive Director|
|Mike Bosman||Non-executive Director|
|Stephen van Coller||Executive Director|
|Megan Pydigadu||Executive Director|
The number of meetings and attendance per committee member are shown in the Corporate governance section.
Regular invited attendees: Group CIO.
The summaries in the EOH board of directors provide an overview of the Directors’ qualifications and experience.
The Information and Technology Committee (the committee) is mandated by the board with ensuring that information and technology is managed, appropriately resourced, and sufficiently defined to enable operations and to achieve the Group’s strategic objectives. The committee is responsible for ethical and effective risk and compliance systems for Information, Communication and Technology (ICT) as defined by King IV principle 12. The EOH EXCO is accountable to the committee for the implementation, effectiveness of, and adherence with, the EOH Governance Framework.
EOH has constituted an IT council that reports into the IT committee and is responsible for the delivery of the Group IT internal strategy within which the organisation operates. This includes the digitisation of the organisation, compliance with the regulatory framework, policy setting and oversight of the costs of the IT function. The IT Council meets monthly and provides updates to the committee at committee meetings.
The committee is responsible for:
- the effectiveness of the EOH Group IT strategy, ensuring that ICT capabilities support the EOH Group business strategy;
- leading the delivery of ICT capabilities that enable the integration of people, technologies, information and processes across EOH entities;
- ensuring sufficient ICT management capacity, resources and IT systems, including applications, hardware, software and networks;
- enterprise-wide management of information and technology risk, in line with the EOH Governance Framework, ensuring a road to ISO 27001 compliance;
- proactive monitoring and management of systems to identify and respond to incidents, including cyber-attacks and data security;
- managing the performance of, and the risks pertaining to, third‑party and outsourced ICT service providers;
- reviewing ICT capital and operating budgets, assuring value delivered from investments made by the EOH Group in information and technology;
- ensuring the effectiveness of governance relating to systems, programming, network and operations activities;
- ensuring ICT backup procedures, including periodic testing, and disaster recovery planning, to ensure business continuity and resilience;
- ensuring the responsible disposal of obsolete technology and the confidentiality of information, with minimal impact on the environment;
- ensuring that an effective disaster recovery plan is in place; and
- ensuring the responsible use of information and technology, including compliance with statutory and regulatory obligations.
ACTIVITIES DURING THE YEAR
The committee is aligned to deliver against the EOH Governance Framework, which contains measures relating to the ethical and effective oversight of the EOH Group’s ICT matters. The committee is required to meet three times a year in terms of its terms of reference, however in the year under review, the committee met four times due to increased work load given the disruptions in the year under review and establishing EOH’s first Group IT strategy.
The committee’s key focus areas for the 2020 financial year included:
|Enhancing IT governance||
|Ensuring business continuity while navigating COVID-19||
|IT security/cyber threats||
Even before the COVID-19 pandemic hit, EOH moved to a more flexible workplace model which promoted a steady increase in people choosing to work remotely. Therefore, when lockdown measures were initiated, EOH was already in a position to empower our workforce to connect and work from anywhere through secure platforms and tools to perform their day to day duties.
The committee is satisfied that it has discharged its responsibilities during the year, as set out in the terms of reference.
Chairperson, Information and Technology Committee
1 December 2020