RSK2601 Assignment 1 (DETAILED ANSWERS) Semester 1 2026 - DISTINCTION GUARANTEED

RSK2601 Assignment 1 (DETAILED ANSWERS) Semester 1 2026 - DISTINCTION GUARANTEED - DISTINCTION GUARANTEED - DISTINCTION GUARANTEED Answers, guidelines, workings and references.. Background: Corporate governance A South African retail company expanded its operations by introducing an artificial intelligence driven customer data analytics system to improve marketing strategies and increase sales. The board approved the project but did not establish clear oversight mechanisms or data governance policies. Six months later, the company faced regulatory penalties after it was found to have processed customer data without proper consent, violating data protection legislation. To strengthen governance and ethical conduct, you must assess the board’s responsibility for technology and information governance in accordance with King IV Principle 16. The following subheadings can be used to structure your assessment successfully: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources excluding the study guide and prescribed textbook must be included at the end of the assessment.Mr. Khumalo has just been appointed as the new CEO of Local Coal Mining Ltd. He approaches you as the risk manager to gain a better understanding of the implementation of risk management in the company. What challenges might Ubuntu Holdings face in implementing ERM and how can they be dealt with? Briefly describe the difference between an enterprise risk management framework, policy and process to Mr. Khumalo to give him a better understanding of the implementation of risk management in Local Coal Mining Ltd. A South African mining company entered into a joint venture with an international partner to expand into renewable energy projects. The board focused primarily on financial returns and failed to conduct a comprehensive environmental and social risk assessment. Community protests later erupted due to environmental damage and lack of stakeholder consultation. To promote sustainable value creation, you must assess the board’s responsibility for stakeholder relationships and sustainable development in line with King IV Principle 16. The following subheadings can be used to structure your assessment successfully: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources excluding the study guide and prescribed textbook must be included at the end of the assessment. Mrs Vilakazi has just been appointed as the new CEO of Local Coal Mining Ltd. A South African retail company expanded its operations by launching an e-commerce platform and introducing a customer loyalty mobile application. The board approved the digital expansion but failed to ensure compliance with data protection legislation. Customer information was stored without adequate safeguards. Eight months later, the company experienced a data breach that exposed customer identities and payment details. To address these governance failures, you are required to assess the board’s responsibility for information governance and data protection in line with King IV Principle 12. Structure your assessment under the following subheadings: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources must be included at the end of the assessment. She approaches you as the risk manager to better understand the implementation of risk management within the company. Compile a report addressed to Mrs Vilakazi in which you briefly explain the difference between an ERM framework, policy, and process. (Explain the difference between risk removal and risk transfer. Use examples to explain your answer. How does utility theory explain the differences in risk perception between groups and individuals? Identify one strength of Harvest Hub and explain how it contributes to the retailer's success. How does the King IV Report on Corporate Governance support ERM in South African organisations such as Ubuntu Holdings? ( What is one key weakness that Harvest Hub faces, and how could it impact the business? Explain one opportunity that Harvest Hub could exploit to increase its market share. Describe one external threat that may affect Harvest Hub’s operations. Identify and describe four (4) risk response strategies which can be used by a business in the enterprise risk management treatment stage. (8) Identify any six (6) additional governance of risk principles adressed in the King III report not specifically listed by Nedbank Group. (6)Explain how Ubuntu Holdings could benefit from implementing an ERM framework. ( Harvest Hub Ltd is one of the largest food retailers in South Africa, operating more than 100 stores nationwide. The company’s core business is providing low-cost groceries to the middle- and lower-income markets. Despite economic challenges in South Africa, including high unemployment, inflation, load-shedding, social unrest, and political instability, Harvest Hub has continued to grow. A SWOT analysis is a tool that is used to identify strengths, weaknesses, opportunities, and threats in the retail industry in relation to both the internal environment and external environment. As a risk consultant, you have been appointed to perform a SWOT analysis and to answer the following questions Define and explain the importance of operational risk, Identify and distinguish between the three main attitudes towards risk Identify and describe four process activities for risk analysis which can be used by a business in the ERM analysis stage. A South African mining company adopted a new sustainability strategy to improve its public image. However, the board did not actively monitor environmental compliance or community engagement initiatives. A regulatory investigation later revealed environmental violations and community unrest. Assess the board’s responsibility for ethical and effective leadership in promoting sustainable value creation in line with King IV Principle 1 and Principle 4. Structure your response as follows: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources must be provided. What are the key components of an ERM framework that Ubuntu Holdings should implement? Distinguish between key risk indicators and key performance indicators. Use examples to elucidate your answer. Briefly explain the following six process activities which need to take place in the risk evaluation stage. Mrs Jacobs has just been appointed as the new CEO of CALL4U Ltd. She approaches you as the risk manager to gain a better understanding of the implementation of enterprise risk management (ERM) within the company. Compile a report addressed to Mrs Jacobs in which you explain the elements of an ERM structure. Ubuntu Holdings (Pty) Ltd is a medium-sized mining services provider based in Limpopo. The company operates in a highly regulated, high-risk environment and has recently started developing an enterprise risk management (ERM) framework guided by ISO 31000 and COSO principles. In recent years, the company has faced numerous challenges, including regulatory fines, environmental incidents and disruptions caused by labour strikes and energy supply issues. A South African state owned enterprise experienced repeated financial irregularities due to weak internal controls and ineffective audit processes. The board relied heavily on management reports and did not ensure the independence or effectiveness of the audit committee. Allegations of fraud and corruption later emerged, damaging public trust. To restore accountability and transparency, you must assess the board’s responsibility for ethical leadership and effective control in line with King IV Principles 1 and 15. The following subheadings can be used to structure your assessment successfully: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources excluding the study guide and prescribed textbook must be included at the end of the assessment. To manage these risks and to improve strategic decision-making, the board has mandated the adoption of a formal ERM framework. As the chief risk officer (CRO), you are responsible for identifying significant risks, engaging stakeholders, and aligning risk management processes with business objectives. Identify the three primary technology types important to a business and give one example of each When it comes to the perception of risk, groups and individuals might perceive risk differently. Indicate how the Utility Theory explains this phenomenon Mrs Vilakazi has just been appointed as the new CEO of Local Coal Mining Ltd. She approaches you as the risk manager to better understand the implementation of risk management within the company. A South African financial services company has adopted several digital platforms, including a mobile banking app, internet banking, and an online investing portal. A South African financial services company has adopted several digital platforms, including a mobile banking app, internet banking, and an online investing portal. The board, eager to demonstrate innovation, delegated all cybersecurity responsibilities to the IT department and provided limited oversight. Five months after its introduction, the company was subjected to a major cyberattack that compromised sensitive user data, including account numbers and personal identification information. To manage these risks and improve strategic decision-making, you must assess the board’s responsibility for emerging risks in accordance with King IV Principle 11. The following subheadings can be used to structure your assessment successfully: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks A reference list of external sources (excluding the study guide and prescribed textbook) must be included at the end of the assessment.The board, eager to demonstrate innovation, delegated all cybersecurity responsibilities to the IT department and provided limited oversight. Five months after its introduction, the company was subjected to a major cyberattack that compromised sensitive user data, including account numbers and personal identification information. To manage these risks and improve strategic decision-making, you must assess the board’s responsibility for emerging risks in accordance with King IV Principle 11. The following subheadings can be used to structure your assessment successfully: Compile a report addressed to Mrs Vilakazi in which you briefly explain the difference between an ERM framework, policy, and process Explain the difference between risk removal and risk transfer. Use examples to explain your answer. How does utility theory explain the differences in risk perception between groups and individuals? Access the IoDSA King IV website on myUnisa, read the web version of the IoDSA King IV report, and discuss the following questions on the discussion forum: How does King IV define corporate governance? What are the underpinning philosophies of King IV? Also discuss principle 11: Risk governance and its recommended practices. A South African insurance company introduced artificial intelligence tools to automate claims processing. The board approved the technology investment but did not ensure proper governance frameworks or ethical oversight. Complaints later emerged that the system unfairly rejected valid claims, resulting in reputational damage. You are required to assess the board’s responsibility for technology governance and ethical oversight in accordance with King IV Principle 12. Use the following structure: • Introduction: 3 marks • Evaluation with examples: 12 marks • Suggested actions: 3 marks • Conclusion: 2 marks Include a reference list of external sources at the end of the assessment.