SASOL Integrated Report 2025_Final_28 August 2025 - Flipbook - Page 31
INTRODUCTION
ABOUT SASOL
STRATEGIC OVERVIEW
PORTFOLIOS
ESG
REMUNERATION REPORT
DATA AND ASSURANCE / ADMINISTRATION
RISK MANAGEMENT
RISK MANAGEMENT IS EMBEDDED IN SASOL’S STRATEGIC AND OPERATIONAL DECISION-MAKING PROCESSES
Our commitment
Enterprise Risk Management (ERM) Framework
Enterprise risk management (ERM) is embedded across all
levels of the organisation to support delivery on our strategy
to strengthen our foundation and grow and transform our
portfolio. Guided by the Enterprise Risk Management (ERM)
Framework and One Sasol ERM Approach, we manage risks
and opportunities within defined financial risk appetite and
tolerance levels, aligned with our Purpose and Group priorities.
Across our business we apply a standardised, enterprise-wide process to identify, assess and respond to material risks, both
strategic and performance-related, across short- medium- and long-term horizons. This enables risk-based decision-making in a
dynamic operating context and supports Sasol’s strategy by proactively managing Group material risks that may impact current
performance and future strategic ambitions. By managing risk we position the Company from a performance and strategic
perspective to unlock future opportunities. We regularly assess our risk profiles and related responses to ensure they remain
relevant ensuring a dynamic risk process appropriately aligned across all time horizons.
Our approach
We continuously assess our internal and external context, balancing controllable
response capabilities with mitigation of externally driven risks. Our structured,
ongoing process enhances foresight, resilience, and risk-based decision-making to
support long-term value creation.
Risk intelligence plays a key role - curated insights and expert views are integrated
into reporting to inform strategic and operational decisions. We are maturing our
Combined Assurance Model to strengthen coverage over material risks, while our
advancing Business Continuity Management (BCM) programme - supported by
scenario planning and simulations - ensures preparedness for unforeseen crises.
Together, these elements form a cohesive system that enables effective risk
management across time horizons, reinforcing responsible governance and
sustainable performance.
Plan, Do, Review and Improve Model (PDRI)
1. Plan – Identifying risks
A Understand the business context
A Identify the relevant risks and
key responses associated with
delivery of business objectives
(short, medium and longer term)
1
A Monitor status of risk events
Risk-based
decisionmaking in
a dynamic
operating
context
A Understand and assess the risk
events
4. Improve – Risk management
improvements
A Improve risk management process
A Analyse and share learnings
A Develop action plans to improve
risk management effectiveness
and risk maturity
2
2. Do – Managing risks
A Execute key responses and
management action plans
4
3
3. Review – Risk governance and
assurance
A Provide governance and assurance
over the risk management process
and key responses
A Report on risks and key responses
as per the governance framework
Embedding a strong risk culture
We foster a risk-aware culture where risk management is embedded in how we operate and make decisions.
LEADERSHIP
COMMITMENT
CLEAR
COMMUNICATION
TRAINING AND
AWARENESS
DEFINED
ACCOUNTABILITY
PROCESS
INTEGRATION
TECHNOLOGY
ENABLEMENT
Senior leaders actively
champion risk management,
setting the tone for
accountability and
reinforcing a risk-aware
culture across the
organisation.
Our risk appetite and
reporting structures are
clearly communicated
and aligned with our
strategic objectives and
top priorities. We promote
an open environment
where employees are
encouraged to raise risks
without fear of reprisal.
We conduct targeted training
and awareness initiatives
to equip employees and
stakeholders with knowledge
and tools to fulfil their risk
responsibilities effectively.
Assign defined roles and
responsibilities across all
levels or the organisation,
ensuring accountability
and effective execution of
risk responses.
Risk identification and
response processes are
embedded in core business
processes, including
strategic planning, project
execution and operations,
ensuring risk-informed
decision-making.
Leverage technology and
digital tools to integrate risk
management seamlessly
into workflows to achieve
efficiency and effectiveness
gains.
SASOL INTEGRATED REPORT 2025
30
EMBEDDING
RISK ACTIVITIES
Conduct regular risk
assessments to support
management plans and
activities, enabling agile
responses to emerging
challenges in a dynamic
environment.
