Information and technology governance

The Board is responsible for the Group's technology and information governance risk and compliance. The Board delegated its responsibility of information governance risk and compliance to the Executive Committee for the implementation of IT governance, which developed and adopted an IT governance framework. The Blue label IT Governance Framework was informed by a number of best-practice reference frameworks, including King IV, ISO/IEC 38500:2015, COBIT, and the IT Infrastructure Library (ITIL) which also includes NIST and ISO 27001 for Cyber Security. This framework supports governance and continuity as well as our digital innovation and growth agendas.

Technology as strategic transformation driver

Back-office transformation investments at Blue Label

Digital adoption has taken a quantum leap with large-scale rollouts of conferencing, signature, and workplace tools.

A fresh human resource management platform was rolled out to all employees, emphasising our commitment to empowering our staff.

Security vigilance and a zero tolerance for cyber crime kept our core infrastructure and services functioning with 100% uptime and no cyber breaches.

Transformation of market-facing platforms

Our platforms will leverage our new technology backbone and centralised API gateway architecture. This allows the Group to commercialise integrations faster and on the best available technologies. Most importantly, it now enables accelerated business model transformation where necessary.

We concluded our active-active implementation, hybrid-cloud guardrails, and are able to replicate services across failover paths between data centres.

Our new code delivery and management tools and methodologies enable agile software development and release, which allows us to compete aggressively by launching minimum viable products to the market faster.

Investment into various platform innovation initiatives across subsidiaries will result in advantageous business model evolutions during the next three years:

  • Ticketpro progressed well, launching its world-first fully flexible events platform which will cater for any form of event (seated or unseated, physical or virtual, local or international) and which will be offered as a white-labellable technology platform.
  • Transaction Junction now offers a leading 3D-Secure payment Gateway, processes person-to-person push payments with numerous retailers, and concluded the development of its own PCI-certified switch called iMbeko.
  • Blue Label Connect will soon launch its Rubrix platform, an online service where consumers will be able to purchase any contract from any mobile network and multiple additional consumer goods and services.
  • Our Ringas ubiquitous airtime product, launched by TPC, reached 20 million consumers in less than a year and will become a key differentiator for the transformation of the bulk print industry through new software planned to go to market this year.
  • The success of the new T3T Self-Service agent system will be expanded to empower church communities with direct ordering and loyalty, extending the reach of our full product bouquet.
  • We are building out our financial services' digital product set with buy-now pay-later software capabilities, yet to be revealed to the market.
  • BLDS is changing the South African call centre landscape with a fully featured, safe, online, VOIP-enabled call centre service marketplace for businesses and agents.
  • Blue Communications is launching its state-of-the-art zero-rated proxy services, allowing businesses to white-list its applications and websites to gain digital adoption from cost-sensitive consumers.
  • Cigicell created Unipay, a safe and convenient online one-stop-shop for all consumers' bill payments.
  • BluNova launched its scoring engine and drastically enriched its datasets, paving the way for the launch of our alternative scoring of the South African market.
  • BLD and GCRS are extending their product bouquet, making virtual products such as Netflix and Uber vouchers available.
  • We remain steadfast on our robotics process automation (RPA) initiatives, empowering our workforce to do more with their time, while leveraging the power of technology to automate repeatable tasks.

Continued delivery of improved application programming interfaces, converged mobility design and payment mechanisms, robotics process automation, decisioning, embedded big data analytics, enhanced cybersecurity mechanisms and distributed cloud formation remains key to the democratisation of technology within our business growth and diversification strategies.

These strategic elements are underpinned by our constant drive towards customer-centric design and user experience, which stands central to our world-class business solutions across our national and international businesses.

Scalability and performance

Significant additional investments into our technology platforms, computing edge and hybrid cloud strategy have ensured continuous stability while catering for significant growth in annual transactional volume throughput. We achieved 99.5% uptime for market-facing proprietary systems and 99.95% for business-facing systems and shared infrastructure.

We remained vigilant on our strategic information technology mandates of continuous service improvement, governance, operational enhancement, platform scalability and infrastructure enhancement.

Risk and compliance

The latest thorough IT General Controls (ITGC) review, concluded by PwC in April 2021, reflects further improvement of internal controls at a high-maturity level of 95%. The results are a testimony to Blue Label's market-leading IT practices, following major recent operating model changes undergone to support our strategy.

It also proves the effectiveness of the increased controls designed and operated during the year. We renewed our governance framework to ensure that the maximum level of maturity can be maintained and to drive control delivery through project portfolio and systems change management (which now ensures alignment of technology investments with governance controls). Cybersecurity threats remain a key ongoing risk and forms a significant part of our technology investments.

Stringent standards for information and infrastructure security controls have been reviewed and reinforced. We proactively assess our vulnerabilities and risk of exposure on an ongoing basis while driving cyber risk prevention, assessment and education programmes to maintain vigilance. We are embedding security as a core component within platform delivery via governed development mechanisms.

Our big data programme and data practices complies with POPIA.

Furthermore, we revitalised our approach to attracting, developing and retaining top skills and talent. This resulted in the sourcing and retaining of talent with skills targeted at delivering and managing modern digital software technologies. It remains vital in our quest to maintain and support legacy environments while continuously adapting and supporting newer technologies with the best-in-class technology staff. Balancing the technological rate of change through a capable technology workforce, through constant resource balancing, remains a crucial basis for predictable service delivery and business growth and transformation objectives.

An active strategy and retention programme are in place to mitigate South African IT human capital retention risk. We are mindful of MICTSETA's Scarce and Pivotal Skills Lists and Sector Skills Planning research, which classifies skills across the IT spectrum - including IT managers, project managers, developers, web design professionals, programmers, networking and security engineers and data scientists - as scarce in South Africa. The sharp rise in the emigration of skilled IT workers to international markets contributed to the preliminary findings of a 20% annual increase in emigration statistics for this portion of the skilled South African workforce in 2020 and continued its trajectory in 2021.