Independence Group Sustainability Report 2019

IGO Management System IGO maintains a documented management system based on AS/NZ ISO standards. Our system is informed by a hierarchy of ideas. This hierarchy starts with our purpose and our values. These in turn give rise to our strategy, IGO Code of Conduct and operating policies. These high-level documents inform our Common Management Systems Standards; the prescription for the fundamental high-level business processes within IGO. In turn these standards give rise to functional standards, for example safety, financial or IT. Finally, it is these functional standards that inform the specific guidance on how work is to be planned and executed through procedures and safe work instructions. At its heart, IGO’s management system is structured to drive continual improvement prioritised on the basis of risk. For further information of IGO’s systems, refer to IGO’s previous sustainability reports. Conformance with our management system IGO has two well-established assurance processes to ensure the ongoing integrity of our systems: IGO’s corporate assurance program and IGO’s whistleblower process. IGO’s corporate assurance program is comprised of both internal and external audit, and operational reviews and inspections. External audit is primarily targeted at financial management and is completed in accordance with the law and recognised financial standards. IGO’s internal audit process is based on the progressive review of those elements of the IGO management operating system that control high-risk business processes, inclusive of, but not limited to, internal financial control and ESG management. Our corporate assurance program for financial matters is overseen by the Audit Committee, and for all non- financial matters by the Sustainability and Risk Committee. In FY19, IGO’s financial audit was completed by BDO Audit (WA) Pty Ltd, as detailed in the 2019 Annual Report. In FY19, the IGO internal audit program was coordinated by Enumerate. Given the diverse range of matters to be addressed by our non-financial audit, from internet security to geotechnical controls within an underground mine, IGO engages specific subject matter experts as required to complete these internal audits. In FY19, while IGO’s corporate assurance program identified numerous opportunities for improvement, none were deemed to be material to the governance and sustainable operation of our business. However, from the improvement opportunities identified, corrective actions have been prioritised and work is ongoing. The Sustainability and Risk Committee has oversight of IGO’s fraud control plan. The efficacy of this plan is tested as part of the corporate assurance program. In FY19, no acts of fraud of any type were identified. However, IGO, like most businesses, is subject to potential internet-based attack where the motives of the perpetrators is to defraud the business. IGO regularly tests and updates our computer systems and our operator’s interfaces. We remain vigilant in monitoring internet activity. IGO is committed to maintaining an open and honest working environment in which our people are able to report instances of unacceptable conduct, without fear of intimidation or reprisal. The Group’s Whistleblower Standard enables our people, suppliers, contractors, tenderers and / or any other person who has business with IGO to report confidentially any significant concerns about the business or behaviour of individuals. This could include suspicion around business integrity and corporate governance, financial reporting, safety and environmental concerns or human rights. In FY19, no cases were raised through the IGO whistleblower process. Statutory compliance IGO’s corporate assurance program tests the businesses compliance with the law. In FY19, IGO was not subject to legal action, prosecution or any regulatory penalties. In FY19, IGO received three notices from the Western Australia Department of Mines, Industry Regulation and Safety following workplace visits by their inspectors. One was a notice of improvement and two were prohibition notices. All associated corrective actions have been completed. RISK MANAGEMENT At IGO, risk management is overseen by the Board through the Sustainability and Risk Committee. The Committee operates in accordance with a Charter approved by the Board. The primary role of the Committee is to assist the Board with overseeing and monitoring the Company’s Risk Management System. It should be noted that specific elements of financial risk management are separately monitored and reviewed by our Audit Committee. A description of our risk management system (inclusive of IGO’s Risk Appetite Statement) is provided in IGO’s Common Management System Standard 3 – Risk Management. The system is intended to address risks that may: • impede the Company from achieving its purpose; • impact on the Company’s performance; • affect the health, safety or welfare of employees, visitors, members of the community and others in relation to the Company’s operations; • impact on the community and the environment in which the Company operates; • impact on insurance arrangements; • threaten compliance with the Company’s statutory obligations; • impact on the Company’s reputation, or that of its people; and • result in personal liability for Company officers arising from the Company’s operations. IGO’s Risk Management System is a hierarchy of three risk management processes, comprising: • Business Critical Risk Management • Operational and Project Risk Management • Personal Risk Management (primarily safety risks) 24 — IGO SUSTAINABILITY REPORT 2019 SECTION 2 BUSINESS INTEGRITY