1. A strong view exists for the need for singular sovereign legislation that governs all aspects of OEs in particular, motivated by the desire for clear operational guidance that practically adds the best value to deal with the changing aspects of SOEs (Kanyane & Sausi, 2015:33) (as per the legislation section in Chapter 2). There should be legislation that governs CG practices in the public sector in SA that each public official employed within SOEs and other public entities should follow. A bill on CG should be deliberated on in Parliament to create awareness among cabinet members, and members of parliament. This will be educational, as those managing portfolios in all the different areas in the country (ministers and their sub-ordinates) are made aware of what is expected of them and can assist them to enforce the principles of good governance. A strong view exists for the need for singular sovereign legislation that governs all aspects of SOEs in particular, motivated by the desire for clear operational guidance that practically adds the best value to deal with the changing aspects of SOEs (Kanyane & Sausi, 2015:33). If SOEs cannot have a single sovereign legislation that governs its entirety, the researcher, would recommend that codes such as the King 4 Report on Corporate Governance, COSO, and ISO 3000 become legislation passed within SA that SOEs and other public entities must enforce within. By legalising CG codes, the legalisation thereof could ensure accountability among SOE leadership and further indicate the repercussions for those who are guilty of unethical practices employed within SOEs. As a start, a bill should be brought before parliament on which to debate, and parliament should pass the bill on governance codes that must be followed by each public official.
2. Bronstein and Oliver (2015:7) and Kanyane and Sausi (2015:33) state that SOEs face various hurdles while operating under the inflexible PFMA environment, because of added regulation that includes government/taxpayer funding without the expectancy of profit-making. The PFMA should be revisited to incorporate mitigative practices to latest financial management and governance threats faced by public sector entities.
3. As risks are elements that challenges the existence of an entity, the IAF must devote a sufficient staff complement to the audit of risk management practices in SOEs, as
122
this is an area where assurance is required in excess of reasonability. All elements related to risk management practices, should be tested. As stated in Chapter 2, page 15, PwC (2015:6) states that stakeholders of companies rely on the IAF to engage fully in the maximum impactful business requirements to propose positive views on all risks faced by the entity, which includes strategic, compliance, financial, and operational risks, and to offer commendations on how to diminish risks before they happen.
4. Tender standards and policies existing within SOEs, should be audited for alignment with Tender standards and practice guidelines prescribed by governance codes like the PFMA and King 4 Report on Corporate Governance, on a regular basis. This would allow the IAF to identify the gaps in the standards followed currently, that should be filled/amended.
5. Recruitment standards that governs the recruitment of employees to SOEs, should be audited for alignment with various CG standards and prescribed practices like the King 4 Report on Corporate Governance and the PFMA, that guides the recruitment functions. This would allow the IAF to identify the gaps in the standards currently followed, that should be filled/amended.
6. Within each audit performed in SOEs, the IAF must make sure that they are in possession of CG standards and practice guidelines, which to test alignment to.
7. Independent Auditors should regularly audit IT systems and IT infrastructure of SOEs, to test the gaps in IT infrastructure and IT controls that can be mitigated, in order to sure IT infrastructure and controls performs adequately and efficiently, and will assist the SOE in achieving its strategic objectives.
8. An extensive study should be done on the criteria used to recruit board members to the board of directors. Currently, members of boards are chosen based on their political affiliation, which is not necessarily in the best interest of the SOE. Cabinet appoints CEOs to SOEs (Chapter 2, page 13). The board should consist of qualified and skilled individuals who are independent of the political sphere in SA and the most suitable for the position. Before appointing board members to lead SOEs, rigorous lifestyle audits should be performed on the individual, which is a tool that can be used to assist the SOE’s recruitment process being conducted ethically in accordance to governance standards described throughout the course of this research study. SOEs
123
should ensure that the most ethical individual is appointed to power positions within SOEs.
9. The board of directors should follow a hands-on approach on operations within SOEs, and not leave the operational management to managers. After all, the board of directors are composed of qualified and skilled individuals who may provide valuable guidance within the ambits of their respective portfolios.
10. Regular promotions of ethics and values within the SOEs should be conducted by the management upon instruction from the board of directors, highlighting what the SOE aims to achieve, and that these standards and values will contribute significantly towards the achievement thereof.
11. The planning process of SOEs should be audited regularly, like a 5-year strategic plan of the entity that may exist, in order for the IAF to test whether the SOEs are en- route to realise strategic objectives, planned for currently.
12. The Audit Committee that serves SOEs, should be appointed by an Independent entity in Government.
13. The Audit Committee should continuously promote the Internal Audit Charter to the board of directors, which highlights the role of the IAF in SOEs, in order to educate the board on the importance of this function, that should be prioritized by the board.
The Audit Committee should also pursue a hands-on approach towards the IAF, in order to provide the necessary assistance to the IAF, that would see the IAF achieve their goals, and furthermore, exceed the expectations, that can only have a positive impact on SOEs.
14. The IIASA should make training programmes available to all individuals within the combined assurance model of entities, to educate professionals that hold other qualifications within other professions, on acceptable/ethical practice standards, risk, governance, and good control environments.
15. The IIASA should expose its members to international platforms where networking can take place among people from different types of countries, for example, first world vs third world, where information can be shared about the latest trends within operational environments to understand different trends to risk, control, and governance experienced by IA professionals in other countries. SA is still a third- world country whose economy is not in the same category as the economy of China.
To boost the SA economy, IA professionals should be exposed to all types of threats that can help increase awareness and motivate IA Professionals to increase/enhance their proficiency, while addressing challenges the SA economy face.
124
16. Each SOE and public entity should have an IAF; IAFs should not be outsourced.
Having an IA division present within each SOE and public entity will ensure that greater monitoring and testing can be actioned within the SOE, ensuring better assurance evaluated on functions, which will result in achieving of SOE objectives that exceeds expectations, and the mitigation of risk at its most infant stages.
17. The IAF should increase its roadshows within SOEs, and prioritise these roadshows to educate non-IAF employees on what the IAF does and the potential value it could provide to the organisation.
18. Surprise independent IAF reviews should be conducted throughout the course of the financial year on the IAF, instead of the regular 3-5 years when independent reviews normally occur. This will assist the IAF in enhancing their proficiency on a regular basis, by incorporating the lessons learnt from these independent reviews. The audit committee, with their extensive experience, may be able to conduct these reviews if independent reviews cannot be conducted regularly.
19. SOEs should be decentralised, a concept that may encourage the micro- management of SOEs, at Provincial level, which is greatly needed, if the negative publicity and financial results of SOEs, with specific reference to tender irregularities, risk and the lack of leadership are believed. Although political interference may be imminent, the decentralisation of SOEs may be a starting point towards ensuring greater ethical practices are incorporated, adopted and adequately sustained within SOEs. Through decentralisation, greater monitoring/micro-management can be exercised, which the IAF will encourage and promote as part of their mandate to recommend ways to improve Internal Controls, Risk Management and Governance within the entity.