BarnOwl Info Sharing Insight: People Risk Workshop Objectives, Outcomes and Benefits with Khosi Mpungose

December 4, 2019

BarnOwl Info Sharing session: 29 August 2019

People Risk Workshop Objectives, Outcomes & Benefits

Presented by Khosi Mpungose – Managing Director: AAM HR Consulting & Sheralee Morland – CEO: CandidAssure (Pty) Ltd

Thank you very much Khosi and Sheralee for a most passionate, hard hitting, candid and entertaining presentation held at our BarnOwl info sharing event on the 28 November 2019.

unnamed (2)


Today’s presentation really reminded us and emphasized to us that people are major contributors to all types of risk. When we think of ‘people’ risk we think of traditional HR risks such as ‘attracting and retaining the right staff, onboarding, talent management, succession planning, human capital management, education and training, labour unrest, strikes, etc. However when we think about almost any type of risk to our organisation, we see that people risk is a major contributing factor / root cause to things either going right or things going wrong. So whilst there may be debate about what risks are classified as people risk, it is evident that ‘people and their behaviour’ have a causal effect on almost every type of risk within an organisation, a country and the world at large.

So the cliché that ;’it’s all about people’ is as true now as it ever has been, even given the dawning of the age of the technological revolution of robotics, AI (Artificial Intelligence), ML (Machine Learning), genetic engineering etc.

For example if you consider the following 2019 top 10 South African risks as surveyed by IRMSA (Institute of Risk Management South Africa), one realises how many of these risks are influenced by people and their behaviour be it positive or negative:

unnamed (5)

  • Failure of governance in the public sector: people, politics, ethics, corruption, lack of accountability, lack of consequences…
  • Labour unrest and strike action: people…
  • Cyberattacks: people, greed, ethics, criminal intent…
  • Unmanageable fraud and corruption: people, greed, ethics, criminal intent…
  • Structurally high unemployment: poor leadership in many instances, inflexible labour policies, people not working together (business, government and labour (unions) …
  • Growing income disparity and inequality: corruption, fraud, poor skill set / education, lack of policies to stimulate the economy…
  • Inadequate and/or substandard education and skills development: lack of leadership, poor execution, apathy, lack of accountability and consequences…
  • Energy price shock: mismanagement, no leadership, corruption, theft, state capture, greed, criminal, incompetence, lack of consequences…
  • National policy uncertainty/instability: populist politicians not making the correct and / or hard economic decisions, lack of understanding of medium term and long terms consequences…
  • Macroeconomic developments.


An interesting perspective on managing risk:

I personally love the following slide and especially the ‘Unknown Knowns’ which is only too true where people are involved:

unnamed (4)

Known Knowns: Things we are aware of and understand. E.g. an acceptable (manageable) degree of: stock shrinkage, foreign exchange fluctuation etc.

Unknown Knowns: Things we understand but are not aware of e.g. we don’t know something, but somebody else does and they would rather not say anything. A culture of hiding things or ignoring matters that are raised. Warning lights that are ignored. Or an assumption that someone else is dealing with it! E.g. VW emissions scandal, Steinhoff, KPMG, State Capture, broken water pipe/s in your suburb (assumption that someone else is dealing with it) etc.

Known Unknowns: Things we are aware of but don’t understand: e.g. the effect of technology disrupters to our job as we know it today.

Unknown Unknowns: Things we are neither aware of nor understand. E.g. unexpected surprises such as a major catastrophe.

The risk landscape is changing fast. The onset of risk and its consequences cannot be ignored. The root cause of significant losses (e.g. direct financial loss, value destruction, reputational damage) is often directly attributable to people. People risk needs to be a focal point of Risk Management in its own right.

unnamed (3)

In summary:

The following slide is a very clever illustration of people risk being at the root of the tree and influencing and affecting the growth and survival of the tree (organisation, country, continent and world as we know it)!

unnamed (2)

Some ideas around people risk management:

  • People risk needs to be a focal point of Risk Management in its own right,
  • Effective key performance measures need to be in place,
  • Holding people accountable,
  • Consequences for negligent and delinquent behaviour,
  • Effective Leadership (politicians in particular) and the metal to make the hard decisions and not endless populist decisions,
  • Ethical leadership,
  • Less apathy and not turning a blind eye to things that are not right whether they be organisational, social, country or global related,
  • #RiskActivsim

unnamed (1) unnamed

Presentation and Video links:

Please see attached presentation here as well as video link here for more information.

Useful and associated links:

The Biggest Risks Are Sometimes the Ones We Never Talk About (People risks), Presented by Miles Crisp: CEO – Tarsus Technologies Group
The journey from King I to King IV: Why King IV is not another layer of regulation but creates add-on value. (King IV is copyrighted to The Institute of Directors Southern Africa), Presented by Michael Judin, partner in the Johannesburg based law firm, JUDIN COMBRINCK INC
Human Beings aren’t going anywhere, by Paul van der Struys, BarnOwl business development, August 2019:
Hack Uncertainty, Presented by Simon van Wyk, Infrastructure Advisory, Aurecon

Thank you:

Once again thank you Khosi and Sheralee for your time and for your informative presentation and thank you to all those who attended our info sharing session. We look forward to seeing you at our next info sharing session. Please keep a look out for our upcoming events at:

Kind regards
Jonathan Crisp
Director – BarnOwl GRC and Audit software

About Khosi Mpungose:

unnamed (1)

Khosi Mpungose
Managing Director – 072 278 8873 /

About Sheralee Morland, CEO, CandidAssure (Pty) Ltd:


Sheralee Morland
Chief Executive Officer – 074 117 1262 /

About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 200 organisations in Africa, Australasia, Europe and the UK. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.

Please see for more information.