Safaricom Twaweza

ANNUAL REPORT 2018

Chairman's Statement CEO's Statement Taarifa ya Mwenyekiti Taarifa ya Mkurugenzi Mkuu
Leadership
Who Leads Us Who Governs Us
Corporate Governance Risk Management
Enterprise Risk Management Risk Management Framework Risk Governance
M-Pesa
Our Strategic Pillars
Customer First
Person To Person Reversals My Safaricom App Jitambulishe - Leveraging Voice Biometrics To-Boost Security
Relevant Products
Partnering To Deliver Video Content Safaricom Digital TV and Internet Box Fixed Data – Fibre to the Home (FTTH) Songa Music App Safaricom QR Code Safaricom Platinum – For the Discerning Professional How we Enhanced M-PESA For Visually Impaired Customers Relevant Products and Services
Operational Excellence
Daraja our bridge to M-PESA’s future Safaricom introduces 4G+ Ookla M-PESA certification
Our Brand Assets
Safaricom marks 5 years in Deaf Half Marathon sponsorship Breaking the two-hour marathon barrier Safaricom Athletics Series The Safaricom Marathon in Lewa SOYA Chapa Dimba SKIZA Safaricom International Jazz Festival Turned Five
Our People
Revamping our culture
Our Social Impact
The M-PESA Foundation: Large Scale Programmes Partnering with Communities: Our Foundations
Our Sustainable Future
Focus on Our Four Material Matters Integrating the Sustainable Development Goals: Our nine priorities Sustainability at Safaricom
Our Technology
Women In Technology Leaving No One Behind Maintaining our lead with the best technology Digital transformation
Our Enterprise
The digital farmer of the future, today Fibre to the Business (FTTB) M-PESA for Businesses MASOKO M-TIBA Shupavu 291

Our risk management framework

We have a clear framework for identifying and managing risk, both at an operational and strategic
level. Our risk identification and mitigation processes have been designed to be responsive to the everchanging
environments in which we operate.

Our risk management framework that is aligned to the ISO 31000 in our Risk Management Framework, allows us to identify, measure, manage and monitor strategic and operational risks across the business. The framework provides our management with a clear line of sight over risk to enable informed decision making. We continuously review our risk management framework which provides the foundation and organizational arrangements for identifying,
treating, reporting, monitoring, reviewing and continually improving risk management
throughout the organization. The key components of the framework are outlined below;

 

Establishing the context

We begin by defining the external and internal parameters to be taken into account when managing risk and setting the scope and risk criteria for the risk management policy.
Our external context includes our external stakeholders, local, national, and international environment, and other external factors that influence our objectives. The internal context on the other hand includes our internal stakeholders, our approach to governance, our contractual relationships, our capabilities, culture, and standards.

 

Identify

Risk assessments are conducted twice every year, in conjunction with the business units and other stakeholders. We undertake ad hoc risk assessments that are necessitated by the ever changing environment we operate in.

Measure

We have a standardized risk scoring and categorization process that makes reference to our risk appetite that has
been set by the Board. The measurement takes in to account both the probability of occurrence and potential impact should the risk crystalize.

Manage

We manage risk by implementation of appropriate mitigations and controls to eliminate the risk or reduce the impact of likelihood of the risk. Effectiveness of control and oversight is tested across the “three lines of defence”