CORPORATE GOVERNANCE

• Directorate
• The Board
• Board Committees
• Operating Board
• Risk Management
• Internal control and Audit
• Remuneration Report
• Stakeholder Relations
• Whistle-blowing
• Legal Compliance
• Code of Ethics

Risk Management

The primary identified risks to the group and the management strategies to contend with them, are:

Customer base retention

Risk = retaining our existing customers and attracting new customers.
How we manage this risk: the establishment of a customer relationship management department with the specific objective of maximising customer value and duration of relationship by creating an unbeatable customer experience over all legs of the relationship life cycle.

Supply chain

Risk = the inability to provide our customers with the desired merchandise at the right price and time as a result of deficiencies in the management process of the supply chain.
How we manage this risk:

• considering all possible occurring events and factors that can cause a disruption in our supply chain;
• examining possible scenarios from past experience and analysing changing market forces;
• creating solutions culminating in improved stock turn and customer satisfaction;
• implementing changes in the supply chain methodically within appropriate and achievable time frames; and
• continuing significant support for our local apparel supplier base in order to ensure sustained merchandise manufacture and supply.

Further detail can be found in the Group Logistics section of the 2009 annual report.

Fashion trends

Risk = the misreading of fashion trends by the merchandise teams.
How we manage this risk:

• development and retention of talented merchandise teams who keep abreast of global fashion trends;
• extensive input from international fashion fairs, consultants, the internet, as well as local fashion research;
• based in the southern hemisphere, benefiting from the knowledge of the forthcoming season’s successful trends in the northern hemisphere; and
• utilising advanced systems to ensure that purchasing volumes are correct.

Information technology (IT)

Risk = ever-increasing reliance upon computer systems necessitates a stable, secure and uninterrupted computer infrastructure.
How we manage this risk:

• constant senior management review and updating of the IT strategic plan;
• maintaining a comprehensive, regularly-tested disaster recovery plan that should provide seamless computing capacity in the event of a disaster, involving the establishment of secure computer suites in separate locations with adequate capacity to provide backup access to critical systems;
• strict change control procedures for all system enhancements;
• conducting risk assessments for all significant projects;
• ensuring that access controls are implemented and enforced;
• ongoing consolidation and standardisation of applications and infrastructure technology;
• an ongoing upgrade and technology “refresh” programme to ensure that our applications and infrastructure are current and supported;
• instilling employee awareness of the need for responsible use of computer facilities (all employees being required to abide by a formal computer code of conduct);
• ongoing emphasis at all levels on enhancing IT security from all potential threats, both internal and external; and
• adopting strong IT governance policies and best practice IT service delivery models.

Crime

Risk = crime, particularly armed and violent crime, which continues unabated, creating losses and, in particular, trauma to our staff.
How we manage this risk:

• continually reviewing security at stores;
• providing staff training on how to deal with armed robberies;
• maintaining a strong focus on syndicated identity fraud via a dedicated forensics department;
• maintaining regular communication with anti-crime fora to ensure that we minimise the impact of crime in all of its forms; and
• utilising an anonymous toll-free whistle-blowing facility for the reporting of criminal acts.

Shortage of skills and expertise

Risk = without insightful, specialised and talented staff at all levels, our continued success and growth through innovation would be endangered.
How we manage this risk:

• maintaining an effective nominations committee for succession planning and appointment of senior executives and board appointments;
• ensuring that processes are in place to attract, retain and develop high-quality staff within an environment that can satisfy ambition; and
• having access to a pool of skills in all key areas via our divisionalised structure, which lends itself to seamless resource transference.

Bad debts

Risk = within the context of the current financial environment and the threat of escalating unemployment, there is a risk of increasing bad debt.
How we manage this risk:

• Account origination - credit applications are reviewed for fraud indicators, and assessed against NCA-compliant internal scorecards, credit bureau scores, and verification of employment where necessary.
• Account management - analytic decision systems determine appropriate collection strategies, approved credit line adjustments and authorisations by utilising internal behavioural and credit bureau scores.

Systems and strategies are subject to ongoing management review within both of the above risk areas.

Business continuity

Risk = the loss of a major head office facility or distribution centre could impact upon critical business functions.
How we manage this risk:

• maintaining separate head office buildings and distribution facilities, and providing backup facilities for critical functions;
• splitting the computing capacity over four server rooms in separate locations;
• maintaining current business continuity plans for all trading and service divisions;
• maintaining comprehensive physical protection measures; and
• maintaining appropriate insurance cover.