The Board is ultimately accountable for the Group's risk management process and system of internal control. In terms of a mandate by the Board, the Audit and Risk Committee monitors the risk management process and systems of internal control of the Group. The Board oversees the activities of the Audit and Risk Committees of Mediclinic Southern Africa, Hirslanden and Emirates Healthcare, the Group's external auditors and the Group's risk management function as delegated to the Audit and Risk Committee.

The Enterprise-Wide Risk Management ("ERM") policy is benchmarked against the international COSO (Committee of Sponsoring Organisations of the Treadway Commission) framework and complies with the recommendations of the King II report, defines the risk management objectives, methodology, process and the responsibilities of the various risk management role-players in the Group. The objective of risk management in the Group is to establish an integrated and effective risk management framework where important risks are identified, quantified and managed in order to achieve an optimal risk/reward profile. An integrated approach ensures that risk management is incorporated into the day-to-day operational management processes and therefore allows management to focus on core activities.

The Group has in place a comprehensive system of internal controls which is designed to ensure that risks are mitigated and that the Group's objectives are attained. The system includes monitoring mechanisms and ensures that appropriate actions are taken to correct deficiencies when they are identified.