Information Technology And Information IT Security

Information Technology And Information IT Security

IT Policy and related expenditures

The Board of Directors realizes that in today’s era of technology, it is important to have a strategic alignment of information security with business strategy in order to achieve organizational goals. As such, the board ensures that appropriate resources are allocated for the implementation of an information and IT security framework within the organisation.

Moreover, all companies within the group have established a Risk Management Register to ascertain that risks are systematically identified and mitigated so as to minimize the potential impact on information resources.
 

IT technology

The company is also embracing technological change and is having most of digital information hosted on the cloud. This is as part of the strategy to cater for the growth of the organization across multiple physical locations and to ensure business continuity. Furthermore, the company has implemented multiple security policies to ensure that data is safeguarded both within its premises as well as those hosted on the cloud including access rights granted only to authorized personnel, password expiry and complexity policy has been applied and backup process for digital information.

As part of the planning and budgeting exercise, all IT expenditures are identified. For all purchases of over Rs500,000, the company has setup a tender committee which is responsible for the evaluation and selection of the most appropriate supplier for the requested services and purchases.

During the past financial year, in line with our strategic objectives, the Company has embarked on several key IT projects.

 

First of all, with our growing business activities, the Company now has multiple offices and all the offices are have been inter connected through a secured VPN. This serves a back bone for inter company connectivity and has enabled the deployment of a centralized access control system.

Moreover, we have our migrated our ERP software to the cloud which will ensure better accessibility and uptime of the service. We have also recently started the implementation of a new HR software on the cloud. This will streamline the process of gathering employee attendance information and will greatly improve payroll processing time.

Succession Planning Policy

Succession Planning Policy
Succession Planning Policy

The Board considers its succession very carefully in its annual strategy session.

The Board has a defined succession planning policy which is applicable for succession planning of the following personnel:

  1. GCEO;
  2. Independent and other Non-Executive Directors on the Board;
  3. Senior management team; and
  4. Any other positions within organisation at the discretion of the Chairman & GCEO in consultation with the Board.

The Corporate Governance, Nomination and Remuneration Committee shall oversee and review succession plans from time to time and recommend the same to the Board. The Committee shall proactively review the succession requirements for the Board and carryout the due diligence process to determine the suitability of every person who is being considered for being appointed or re-appointed as a Director of the Board based on his educational qualification, experience and track record. The proposed candidate shall be evaluated by the Corporate Governance, Nomination and Remuneration Committee to determine the eligibility and fit and proper criteria as per the Companies Act 2001 and thereafter such candidature shall be recommended to the Board for its consideration and approval.

 

Succession Plan for The Senior Management Team is based on the inputs received from the Human Resource Manager and the GCEO. The Committee shall periodically review any vacancy or probable vacancy in the position of Senior Management team which may arise on account of retirement, resignation, death, removal or incapacity whether temporary or permanent or otherwise. The Board shall strive to fill such vacancy from within internal modes through elevation or otherwise subject to availability and in case no suitable candidate is available to fill the position, external candidates shall be considered. The Board shall in consultation with the GCEO and the Chairman of Corporate Governance, Nomination and Remuneration Committee will evaluate the suitability of any such person based on factors such as experience, age, health and leadership intelligence and recommend his or her candidature to the Board well before such vacancy arises to facilitate smooth transition.

The Committee may also resolve to engage the services of such retired executive on a contractual or consultant basis or otherwise subject to his or her proven track record and his willingness to serve the organisation in such capacity. The prevailing HR standards for promotions and or transfers shall be designed in such a way that the existing or proposed senior managerial personnel shall get all-round exposure in various domains to facilitate career progression, prepare them for administrative responsibilities for discharging their functions effectively.

Every member of the senior management team shall always endeavour to add capability in-house and mentor subordinates with potential working under him to handle his responsibility in his absence by exposing him to all aspects of work being handled by him. In the event of any unexpected occurrence in respect of any member in the core management team, the next person as per the organisation chart shall take interim charge of the position, pending a regular appointment in terms of the succession plan.
 

Corporate Governance, Nomination and Renumeration Committee

Corporate Governance, Nomination and Renumeration Committee

The Board committees have been established in order to assist the Board in its mandate and to enhance its efficacy.

Directors Appointment Procedures

There should be a formal, rigorous and transparent process for the appointment, election, induction and re-election of directors. The search for Board candidates should be conducted, and appointments made, on merit, against objective criteria (to include skills, knowledge, experience, and independence and with due regard for the benefits of diversity on the Board, including gender). The Board should ensure that a formal, rigorous and transparent procedure be in place for planning the succession of all key officeholders.

Appointment

As part of its mandate the Board carefully considers the needs of the organisation in appointing directors onto the Board. The following factors are carefully considered:

  • Skills, knowledge and expertise required on the Board;
  • Skills, knowledge and expertise of the postulant;
  • Previous experience as a director;
  • Specific roles required on the Board such as chairman of a committee;
  • Balance required on the Board such as gender and age;
  • Independence where required;
  • Reputation of the postulant in the country;
  • Amount of time the postulant is able to devote to the business of the Board;
  • The fees requested from each postulant; and
  • Conflicts of interests.

To this end a transparent procedure is in place to vet the postulants according to this rubric.

Thereafter the members of the Corporate Governance, Nomination and Remuneration Committee will interview each postulant and will make its recommendations to the Board. The Board will agree each appointment. Once the postulant has been selected they will be put forward to the shareholders at the Annual General Meeting by way of ordinary resolution for approval.

 

corporate
Corporate

Once a postulant has accepted a seat on the Board, they are asked to sign a service Contract which carefully outlines the following:

  • Term of office;
  • Time commitment expected from each director;
  • Confidentiality;
  • Conflicts of Interests;
  • Directors liability insurance;
  • Right to independent advice;
  • Mandatory induction program;
  • Training and development program; and
  • Board policies & procedures.

Directors are re-elected each year at the Annual General Meeting of shareholders

 

Directors Duties, Remuneration And Performance

Directors should be aware of their legal duties. Directors should observe and foster high ethical standards and a strong ethical culture in their organisation. Each director must be able to allocate sufficient time to discharge his or her duties effectively. Conflicts of interest should be disclosed and managed. The Board is responsible for the governance of the organisation’s information, information technology and information security. The Board, committees and individual directors should be supplied with information in a timely manner and in an appropriate form and quality in order to perform to required standards. The Board, committees and individual directors should have their performance evaluated and be held accountable to appropriate stakeholders. The Board should be transparent, fair and consistent in determining the remuneration policy for directors and senior executives.

Legal Duties

All of the Directors on the Board including any alternate Directors are fully appraised of their fiduciary duties as laid out in the Act.

 

Code of Ethics

The Code of Ethics was drafted by the Board in consultation with the staff and management of the various entities and it is published on the website. Both directors and staff are made aware of this Code and the consequences of not complying with it. The Code of Ethics is reviewed each year by the Corporate Governance, Nomination and Remuneration Committee.

Training sessions are held periodically throughout the organisation and its subsidiaries to ensure full compliance to this Code.

 

Induction

All new Board members are inducted by way of a formal induction program which is overseen by the Chairman of the Board and the Chairman of the Corporate Governance, Nomination and Remuneration Committee.

Topics covered by the inductions are:

  • Shareholders’ agreement, Constitution and Board Charter;
  • Code of Ethics;
  • Regulatory framework of Mauritius;
  • Directors duties;
  • The new Code for Corporate Governance in Mauritius;
  • Risk management framework;
  • Directors Indemnity Insurance;
  • Organisation chart;
  • Operations of the Company and its subsidiaries; and
  • Introduction to key stakeholders including staff, legal and Board advisors.
corporate
Continuous Development Program
Corporate

This year the Director Development Program was designed specifically for this Board.

The following topics are being covered over a two-year period:

  • Principle functions and responsibilities of the Board;
  • Setting the Company strategic direction;
  • Making a difference as a Director;
  • How to avoid capture: a guide to conflicts of interest;
  • Shareholder relationship management;
  • CSR & corporate governance links;
  • The effective Board: proven case studies;
  • Board approaches to strategic risk management;
  • Holding Board committees to account;
  • Fraud, Whistleblowing, Anti-bribery, and Anti-corruption;
  • Family Owned and/or Controlled Corporations and Related Topics;
  • The Dragonfly perspective: Better decision-making by Boards;
  • Corporate governance trends in Africa;
  • Building your company’s ESG Capital: an investment success;
  • Tensions in value creation: which goals, how and for whom?
  • 360-degree evaluation for director strengths and development opportunities;
  • IT Security Governance: what every Board should know.

 

Independent Board Evaluation

Each year, the Board appoints an independent board evaluator to evaluate the performance of the Board, its committees, individual directors and its policies and procedures.

The evaluation process is comprised of:

  1. The Consultant reviewing all relevant board documentation;
  2. Each Director completing a comprehensive questionnaire;
  3. A one on one interview with each Board member and the Evaluator; and
  4. A final report of findings plus recommendations.