Loading Events

« All Events

  • This event has passed.

Info Sharing Session: People Risk Workshop Objectives, Outcomes & Benefits

28 November, 2019
8:00 am - 10:00 am


28 November, 2019 @ 8:00 am - 10:00 am

People Risk Workshop Objectives, Outcomes & Benefits

Presented by Khosi Mpungose – Managing Director: AAM HR Consulting & Sheralee Morland – CEO: CandidAssure (Pty) Ltd

Thank you very much Khosi and Sheralee for a most passionate, hard hitting, candid and entertaining presentation held at our BarnOwl info sharing event on the 28 November 2019.

unnamed (2)


Today’s presentation really reminded us and emphasized to us that people are major contributors to all types of risk. When we think of ‘people’ risk we think of traditional HR risks such as ‘attracting and retaining the right staff, onboarding, talent management, succession planning, human capital management, education and training, labour unrest, strikes, etc. However when we think about almost any type of risk to our organisation, we see that people risk is a major contributing factor / root cause to things either going right or things going wrong. So whilst there may be debate about what risks are classified as people risk, it is evident that ‘people and their behaviour’ have a causal effect on almost every type of risk within an organisation, a country and the world at large.

So the cliché that ;’it’s all about people’ is as true now as it ever has been, even given the dawning of the age of the technological revolution of robotics, AI (Artificial Intelligence), ML (Machine Learning), genetic engineering etc.

For example if you consider the following 2019 top 10 South African risks as surveyed by IRMSA (Institute of Risk Management South Africa), one realises how many of these risks are influenced by people and their behaviour be it positive or negative:

unnamed (5)

  • Failure of governance in the public sector: people, politics, ethics, corruption, lack of accountability, lack of consequences…
  • Labour unrest and strike action: people…
  • Cyberattacks: people, greed, ethics, criminal intent…
  • Unmanageable fraud and corruption: people, greed, ethics, criminal intent…
  • Structurally high unemployment: poor leadership in many instances, inflexible labour policies, people not working together (business, government and labour (unions) …
  • Growing income disparity and inequality: corruption, fraud, poor skill set / education, lack of policies to stimulate the economy…
  • Inadequate and/or substandard education and skills development: lack of leadership, poor execution, apathy, lack of accountability and consequences…
  • Energy price shock: mismanagement, no leadership, corruption, theft, state capture, greed, criminal, incompetence, lack of consequences…
  • National policy uncertainty/instability: populist politicians not making the correct and / or hard economic decisions, lack of understanding of medium term and long terms consequences…
  • Macroeconomic developments.

An interesting perspective on managing risk:
I personally love the following slide and especially the ‘Unknown Knowns’ which is only too true where people are involved:

unnamed (4)
Known Knowns: Things we are aware of and understand. E.g. an acceptable (manageable) degree of: stock shrinkage, foreign exchange fluctuation etc.

Unknown Knowns: Things we understand but are not aware of e.g. we don’t know something, but somebody else does and they would rather not say anything. A culture of hiding things or ignoring matters that are raised. Warning lights that are ignored. Or an assumption that someone else is dealing with it! E.g. VW emissions scandal, Steinhoff, KPMG, State Capture, broken water pipe/s in your suburb (assumption that someone else is dealing with it) etc.

Known Unknowns: Things we are aware of but don’t understand: e.g. the effect of technology disrupters to our job as we know it today.

Unknown Unknowns: Things we are neither aware of nor understand. E.g. unexpected surprises such as a major catastrophe.

The risk landscape is changing fast. The onset of risk and its consequences cannot be ignored. The root cause of significant losses (e.g. direct financial loss, value destruction, reputational damage) is often directly attributable to people. People risk needs to be a focal point of Risk Management in its own right.

unnamed (3)
In summary:
The following slide is a very clever illustration of people risk being at the root of the tree and influencing and affecting the growth and survival of the tree (organisation, country, continent and world as we know it)!

unnamed (2)

Some ideas around people risk management:

  • People risk needs to be a focal point of Risk Management in its own right,
  • Effective key performance measures need to be in place,
  • Holding people accountable,
  • Consequences for negligent and delinquent behaviour,
  • Effective Leadership (politicians in particular) and the metal to make the hard decisions and not endless populist decisions,
  • Ethical leadership,
  • Less apathy and not turning a blind eye to things that are not right whether they be organisational, social, country or global related,
  • #RiskActivsim

Presentation and Video links:

Please see attached presentation here as well as video link here for more information.

Useful and associated links:

The Biggest Risks Are Sometimes the Ones We Never Talk About (People risks), Presented by Miles Crisp: CEO – Tarsus Technologies Group https://barnowl.co.za/info-sharing/barnowl-information-sharing-session-26th-february-2016/ 

The journey from King I to King IV: Why King IV is not another layer of regulation but creates add-on value. (King IV is copyrighted to The Institute of Directors Southern Africa), Presented by Michael Judin, partner in the Johannesburg based law firm, JUDIN COMBRINCK INC https://barnowl.co.za/event/information-sharing/ 

Human Beings aren’t going anywhere, by Paul van der Struys, BarnOwl business development, August 2019: https://barnowl.co.za/insights/human-beings-arent-going-anywhere/ 

Hack Uncertainty, Presented by Simon van Wyk, Infrastructure Advisory, Aurecon https://barnowl.co.za/info-sharing/barnowl-info-sharing-session-29-august-2019/ 


Thank you:

Once again thank you Khosi and Sheralee for your time and for your informative presentation and thank you to all those who attended our info sharing session. We look forward to seeing you at our next info sharing session. Please keep a look out for our upcoming events at: https://barnowl.co.za/events/ 

Kind regards

Jonathan Crisp

Director – BarnOwl GRC and Audit software

About Khosi Mpungose, Managing Director, AAM HR Consulting:

unnamed (1)



About Sheralee Morland, CEO, CandidAssure (Pty) Ltd:


About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 200 organisations in Africa, Australasia, Europe and the UK. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.

Please see www.barnowl.co.za for more information.

Subscribe to BarnOwl's Information Portal

Subscribe to BarnOwl’s information portal today and receive our monthly newsletter with the latest GRC and audit insights, industry updates, priority access to exclusive events, tip of the month and more straight to your inbox!


GRCReady is the official provider of risk management content for the BarnOwl GRC software solution. GRCReady provides extensive risk libraries and risk maturity checklists/surveys which are integrated with BarnOwl.

GRCReady, based in Australia, offers a comprehensive and holistic library of products and associated services including templates, policies, procedures, guidelines, checklists etc.t to help owners and directors of SMEs, startups and corporates to satisfy their corporate governance, risk management and regulatory compliance needs.

By integrating GRCReady's rich content libraries into BarnOwl's GRC software, we are able to offer our clients a state of the art, turnkey GRC solution.

GRCReady provides, arguably, the most comprehensive risk and governance maturity assessment framework with detailed steps and artefacts. BarnOwl's survey and action plan portal provides a simple and effective way to monitor and report on your current state of risk maturity and suggest and drive remedial action plans to take you to your desired state of risk and governance and maturity.

By integrating GRCReady's risk libraries with the BarnOwl GRC software, means that you don't have to start from scratch. In addition, ongoing updates and insights keep you informed and up-to-date on best practices.



Season Rhyrhm is BarnOwl's preferred partner in Botswana assisting with BarnOwl implementations, support services and client relationship management.

Season Rhythm is an established and distinguished player in the ICT sector in Botswana, specialising in a range of cutting-edge solutions. Season Rhythm leverages BarnOwl to provide tailored GRC&A services to businesses in Botswana facilitating:

  • Governance: Enabling organisations to establish and uphold effective governance structures, ensuring transparency and accountability in decision making processes.
  • Risk Management: Equipping businesses with tools to identify, assess and mitigate risks, safeguarding against potential threats and ensuring continuity in a business environment.
  • Compliance: Ensuring adherence to regulatory frameworks and industry standards, protecting businesses from non-compliance penalties and fostering trust among stakeholders.
  • Audit: Streamling the audit process with comprehensive tools for planning, execution and reporting, driving efficiency and accuracy in internal audit and compliance assessments.
  • www.sr.co.bw/ict


BarnOwl works closely with NSA in the field of GRC and assurance.

NSA is an education and risk & assurance advisory services provider, consisting of a team of professional consultants and facilitators who have been hand-picked on experience and expertise. NSA services include:

  • Strategic intervention: 30 expert consultants facilitating strategic planning, combined assurance, effective governance and risk management assignments.
  • Continuous professional development: CPD training for internal auditors, external auditors, accountants, risk managers, government officials, and psychologists.
  • Online learning: accredited training for the local government sector, including the Municipal Financial Management Program and Supply Chain Management.
  • Online skills development: skills in demand for 2030, including cybersecurity, Protection of Personal Information, Artificial Intelligence, Robotics and programming.

BarnOwl and NSA work closely with our clients to align and enable best practice GRC and assurance framework & methodologies within BarnOwl. NSA regularly presents online information sharing sessions together with BarOwl.



Nico Technologies is BarnOwl's preferred partner in Malawi assisting with BarnOwl implementations, support services and client relationship management.

Nico Technologies Limited is an established IT products and services provider in Malawi, specialising in managed IT services, IT infrastructure services, IT project management, digital solutions, digital transformation and IT advisory.

Nico Technologies uses BarnOwl extensively within their own organisation to automate and manage their own risk and compliance functions.



Morgan Solus is BarnOwl's preferred business continuity specialist consulting firm with its 'BCM toolkit' software. BarnOwl GRC together with the BCM toolkit, provides a comprehensive risk management and BCM software solution.

Morgan Solus is a specialist consultancy firm focusing on risk, resilience and continuity. Morgan Solus's core services are centred on resilience, crisis management, business continuity (BCM), IT services continuity and disaster recovery (DRP) and training.

The BCM toolkit ensures a consistent approach to implementing BCM and IT disaster recover and cuts down implementation timelines by 60% whilst driving up successful outcomes.

BarnOwl's extensive GRC and assurance functionally coupled with Morgan Solus's BCM toolkit provide the ultimate risk management and BCM software solution.



Arbutus Analytics is Barnowl's preferred data analytics software. BarnOwl GRC integrated with Arbutus Analytics, provides the ultimate in continuous risk monitoring.

Arbutus Analyzer is a powerful data access and analysis solution specifically developed for auditors, business analysts, and fraud investigators. Its robust performance and user-friendly features offer you the ability to access and analyse data quickly and simply.

BarnOwl GRC, integrated with the real-time metrics from Arbutus provides a strategic early warning system driving preventative and predictive capability facilitating effective business decision making business improvement.

www.arbutussoftware.com with local sub-sahara African distributor www.betasoftware.co.za


Barnowl works closely with Pax Resilience in the field of GRC and sustainability.

Pax Resilience offers solutions in risk, resilience and cyber security. Pax Resilience strive to create peace of mind by assisting you to build the resilience in your organisation so essential to survive and thrive in the volatile, uncertain, complex and ambiguous world we live in.

Pax Resilience regularly presents online information sharing sessions together with Barnowl.



Paige Law is the official provider of compliance content for the Barnowl GRC software solution. Paige Law provides an extensive Library of South African acts including provisions [CRMPs] and checklists which are integrated with Barnowl.

Paige Law specialises in compliance, Commercial Law, Legal process consultancy, managed legal services and POPIA/ GDPR.


Registered Address

75 Malibongwe Drive
Linden Ext
South Africa

Postal Address

PO BOX 3009


+27 (0) 11 540 9100


More Information: info@barnowl.co.za
Product Support: support@barnowl.co.za

Let Us Contact You
Let Us Contact You
I grant BarnOwl permission to contact me for marketing purposes*
*You will receive BarnOwl monthly newsletters & invitations to online events. You can unsubscribe at any time.


If you need assistance with your BarnOwl software, there are three channels available to you:



You will be emailed a ticket number from our issue tracking system and your request will be managed in
this ticket until it is completed.


You can view all your existing tickets or create new ones.


+27 (0) 11 540 9112
to speak to a support consultant

Let Support Contact You
Let Support Contact You