Assessment Area Operational Assessment Last Assessed: 14th Jan 2022 at 11:12 am Responsible Party: Detailed Assessment - Operational Detailed Assessment - Operational Is the Community Scheme safety prepared/fire safety compliant and is a fire protection plan in place i.e. fire breaks, bush clearing, fire hydrants, fire extinguishers, fire equipment, sprinkler systems, smoke detectors, fire siren/fire alarms, fire exits, fire wardens, fire drills, assembly areas? * Yes - we have placed a specific focus on fire prevention and protection and are fully equipped and prepared. Yes - while we have put a focus on this area, we can do more around prevention. Yes - to some degree. There is still much that could be done in respect of testing/servicing of equipment and preparedness. No - we have very little in place and are largely not safety compliant. We have outdated/untested extinguishers/old hoses/no equipment. No, not at all. We are totally ill prepared. Does the Community Scheme have pre-paid meters in place for electricity and/or water? * Yes - water and electricity Yes - electricity only Yes - water only Not at all Does the Community Scheme/Estate Management/Developer/Operator have infrastructure/contingency/ back-up plans for water and/or power outages e.g. back-up generator/private generators, inverter, solar, borehole, water/rain harvesting, communal storage/private water tanks etc. * Yes, comprehensive - communal generator/solar panels/communal water storage tanks/and borehole plus individual owners having own contingency infrastructure Yes, to a large degree - generator, borehole, storage tanks, solar energy for Common area usage Yes to a limited degree - limited back-up generator capacity/some basic solar lighting and/or communal water tanks Yes to a very small degree - some communal water tanks but very limited No, not really - basic inverter for access control/security No, not at all - no contingencies, no plans - totally reliant on municipal/national grid supply for electricity and water Have you taken steps to provide localised storage of water resources for 48 hours of human consumption? * Yes - storage tanks have been deployed Yes to a degree - some basic harvesting/storage efforts have been made No – not at all Have all the work processes e.g. facilities management (plumbing/electrical), owner/tenant complaints and issues, maintenance/cleaning routines, security and access controls procedures, disaster management/evacuation routines etc. been adequately documented, standardised where possible, and are these robust, repeatable and are they documented and followed up on? * Yes – laid down processes and procedures are well documented and entrenched in all the relevant operational work areas. Follow up is part of the procedures. Yes to a large degree - odd things do however still fall through the cracks. Yes to some degree but not for all the required areas/aspects. No, not really – we are very inconsistent in these areas and the service levels/responsiveness is very erratic. No - we have nothing documented, formalised or standardised in any areas. No, not at all - our maintenance and facilities management processes are non existent. Does the Community Scheme/Estate Management/Operator/Managing Agents have easy and reliable channels for the reporting of problems and issues e.g. maintenance issues such as leaking/burst pipes, burst geysers, leaking roofs, faulty lighting, faulty access system, tenant/rule transgressions etc. i.e. web-site, dedicated contact number/s, e-mail address, nominated parties? * Yes - we have dedicated channels with all issues being acknowledged, referenced, escalated appropriately, approved, and followed up on. Yes to a degree – some formalised channels are in place, but we still have some things falling through the cracks. Yes, but we still experience problems with processes being bypassed/not followed. No - not really. There are no specific channels in place/problems and issues are not efficiently dealt with. No, not at all. We have no formalised channels/processes around the handling of problems/issues are dealt with on an ad-hoc/random basis. Do the Trustees/Directors/Community Scheme/Estate Management/Managing Agent/Developer/Operator experience problems with the management of value received, standard and quality of services delivered by third/outsourced or contracted parties? * Yes - we are heavily reliant on external parties to deliver quality services. We really struggle to manage and supervise this dimension and experience major problems. Yes to some degree – we have outsourced a few elements e.g. security, garden services but do experience problems with management and the quality of service provision. Yes to a small degree - our Estate Management/Trustees or Directors personally oversee all elements of third party/contracted service delivery, however we still experience some/odd problems. No – Trustees/Directors/Estate Management control and personally supervise and manage all key dimensions of third party service provision and delivery. As a result no problems are experienced. No, not at all - We do not outsource any service delivery to third parties/this is all done by/supervised ourselves. Is the Community Scheme vulnerable to the cancellation, termination or suspension of service or supply agreements for whatever reason e.g. security, gardening, maintenance, managing agents? * Yes – we are highly vulnerable in this area. Yes to a fair degree – we are fairly vulnerable to some service agreements. Yes to a small degree – we are not overly exposed in this area. No, not at all. We have comprehensive back up plans for all these eventualities. Does the Community Scheme/Estate Management/Developer/Operator carefully maintain and manage its assets (fixed/moveable assets and current assets)? * Yes very much so. We see the management of our assets as crucial. The condition of assets are routinely checked up on (e.g. to prevent damage or breakdowns), a detailed asset register is kept and there is clear accountability for assets and consumable stocks. Yes, to a large degree. We keep a fairly close watch on our assets, such as checking the existence and condition of assets, but this needs more focus. Yes to some degree. Major assets are managed but this does not extend to all assets. Not really. The major assets are monitored but the condition and state of these is generally poor. Not at all. No one is taking responsibility for this/there is also abuse of Community Scheme assets e.g. private usage/theft. Does the Community Scheme/Trustees/Directors/Estate Management/ Developer/Operator carefully monitor and manage the insurance of its assets (fixed, moveable and current assets) and other associated risks? * Yes - all assets and risks are comprehensively insured and reviewed annually. Yes to a large extent. Act complied with and most other risks covered. Yes - we meet the requirements of the act, but are possibly inadequate in other areas of cover. No, not really. Insured amounts are out of date/some areas are not covered. No, not at all. Our insurance is in a mess. We have taken a conscious decision to self insure non-regulated areas/build up a sinking fund Are the Trustees/Directors/Estate Management/Developers/Operators and/or Managing Agents aware of the excesses that may apply in respect of any insurance claims lodged for both regulated and other insurance and the potential impact on the Community Scheme? * Yes - fully aware Yes to some extent/not totally clear Can't establish clearly No, not at all aware Does the Community Scheme have robust HR processes and disciplines in place e.g. recruitment, disciplinary, performance measurement, remuneration, payroll? * Yes we have comprehensive policies and processes. Yes to a degree. We have policies and processes but these are often overlooked or bypassed. No we have no formalised processes in place. Not applicable to our Community Scheme/we don't have any employees Does the Community Scheme/Estate Management/Developer/Operator have a comprehensive policy covering the recruitment of staff e.g. budget availability, clear definition of the position, the advertising of the position, the applicant screening process, the selection process, background vetting and reference checks? * We have very robust policies defining recruitment, vetting and background checking and how potential candidates are to be evaluated. Yes - to a degree No, not at all Are signed contracts of employment and job descriptions in place for all employees of the Community Scheme? * Yes - in place for all employees Yes to some degree - some job descriptions/performance measurement/ KPA targets are not in place No, not really. We rely on the interpretation of labour law and basic conditions of employment. No, none of these things are in place/we are vulnerable to litigation and dispute here Is there a clear code of conduct, HR policies and conditions of employment in place for employees of the Community Scheme? * Yes Yes to some degree - general HR policies in place but conditions of employment not clear No, not really. These are all very stale and we rely on the interpretation of labour law and basic conditions of employment. No, none of these things are in place/we are vulnerable to litigation and dispute here. Are appraisals of employee performance being carried out? * Yes No Don't know/Can't establish Are all the employees or contractors deemed as employees in terms of labour law, registered for taxation/uif/workman's compensation as required by SARS?Are all the employees or contractors deemed as employees in terms of labour law, registered for taxation/uif/workman's compensation as required by SARS? * Yes - fully compliant Yes to a large degree - some elements non-compliant No, not really - only some employees have been regularised No, not at all - we are non-compliant/we have not attended to these aspects/they have been over-looked. Don't know/Can't establish Is your payroll formally managed and have the statutory deductions being made and paid over e.g. UIF/Workmen’s Comp, PAYE, in respect of all registered employees? * Yes - a reputable payroll package is used by the Trustees/Directors/Managing Agents/Developer/Operator/Accountants/Estate Manager. All employees are appropriately registered, payments are made by EFT and statutory deductions are paid over immediately. Yes to a degree - the payroll is managed internally by Trustees/Shareholders/Operators/Developers/Estate Manager. Processes and payments could be improved. No, not really -Appropriate registrations are not all made and payments and deductions are not always processed on time. No - this is poorly managed and is largely manual. Registrations aren't in place and deductions are not paid over on time. We are vulnerable to prosecution here. Has anything been done to deal with or mitigate natural risks to the Community Scheme e.g. fire breaks, bush thinning, fire hydrants, water tanks, fire sirens, wind barricades, formalisation of assembly areas, gullies, storm water drains, barricades, retaining walls, underpinning of structures, formation of fire/rescue teams? * Yes - considerable steps have been taken to deal pro-actively with these risks Yes - improvements are made but often after the event Yes - to a very limited degree Don't know/can't establish No - not at all How vulnerable is the Community Scheme to crime e.g. criminality, unrest, fraud, theft, robbery? * Very To a high degree To a lesser degree Not at all/no incidents Does the Community Scheme make use of the services of a contracted security service provider or privately contracted/employed guards? * Yes - comprehensive guarding services are used (24/7/365 days) Yes - limited services are utilised. No - no guarding services or guards are used. Is the security service provider registered with the appropriate authority and does it hold the necessary indemnity cover and/or are all security guards formally accredited? * Yes in all respects Yes to some degree - not all guards accredited Don't know/Can't establish No Are the security guards being rotated as part of good practice? * Yes - on a regular basis Yes - but not consistently Don't know/Can't establish No Has the Community Scheme taken pro-active measures to improve its security and access controls e.g. resident/servant data base, number plate/drivers licence recording, pin approved third party/visitor entry, fingerprint or facial recognition, use of CCTV cameras, motion sensors, thermal imaging, drones etc.? * Yes, we use the latest technology wherever possible and access controls are strictly enforced. Yes, we have introduced better controls but these are not always enforced. No, we do the basics and have not done anything specific to improve security and controls. Does the Community Scheme know at all times the full details of everyone who is resident/staying in the Community Scheme, including those parties e.g. contractors/service providers/servants, who have been granted approved access to the Community Scheme? * Yes. This is extremely well managed and controlled. Our access control system and data base forms an integral part of our security controls. Yes to a large degree. We do focus carefully on this area, but we could still improve. No, not really. Our systems and records are almost always incorrect/obsolete/unreliable. No. While we have some controls in place to record these, our controls are weak and very limited. No, not at all. We have no idea who all is staying in the Community Scheme, and/or who has access. We are at great risk here. Don't know/Can't establish. Does the Community Scheme/Managing Agents/Estate Management/Developer/Operator have a crime reporting line or confidential reporting mechanism in place? * Yes. No, not really but we offer rewards for information where material. No, we have nothing in place. Does the Community Scheme/Managing Agents/Estate Management/Developer/Operator maintain a detailed record of all crime incidents within and impacting the Community Scheme as well as access records of the Community Scheme? * Yes. Comprehensive records are kept in tandem with the security service providers. No, not really. Only major issues or transgressions are recorded. No, we have nothing formalised in place/very basic records are kept. Has the Community Scheme and/or Managing Agents taken any measures to deal with high risk tenants, suspicious lessees or owners e.g. units rented for cash, units bought with laundered moneys, parties undertaking or conducting criminal activity, drug dealing or other suspicious or unacceptable behaviour from units? * Yes. We have a zero tolerance to fraud and theft and have made crime awareness and/or unacceptable behaviour a high priority. Managing Agents don't accept cash from owners, we make use of CCTV, provide panic buttons, enable ready access to a dedicated Security Manager and the Crime authorities as well as provide a crime reporting line. Yes, to some degree. We have improved security and surveillance but could do much more. Not really. We have largely turned a blind eye to potential criminal activity/unacceptable behaviour. No not at all. We have done nothing over and above the provision of basic security. Is the Community Scheme/Developer/Operator/Managing Agent/Trustees/Directors/Estate Management vulnerable to the collapse, failure, unavailability or compromising of systems, access/security technology, IT, operational or telecom systems due to e.g. criminal activity, insufficient bandwidth, the theft/damage to equipment/computers/cables, lightning/power surges, loss of data lines/cable theft, network failure, website/hosting service failure, cybercrime or to the loss/theft or corruption of data? * Yes we are very vulnerable in this area as we are heavily reliant on other parties/have minimal controls or protection/have no contingency or back-up plans Yes to a large degree Yes to a small degree – we have fairly good controls and some contingency plans/back-up systems in place but these are not comprehensive No, not really – we have comprehensive back up processes/controls and systems in place No not at all - we have very comprehensive and robust controls/systems and back ups in place Not applicable - we have limited/minimal reliance on technology Where the Trustees/Directors/Estate Management/Community Scheme/Developer/Operator and/or Managing Agents make use of the internet, on-line banking systems and other software controls, are robust IT controls and disciplines in place and documented? * Yes, absolutely. We have good firewall, password and anti-virus controls in place and have put preventative measures in place around a variety of potential attacks and threats, including the theft of computers (laptops/tablets/desktops), loss of data, cyber fraud and have issued best practice guidelines to staff. We have made IT disciplines and security and cyber-crime awareness a core focus and an integral part of our risk management process. Yes, we have robust IT policies and data security controls and back-up disciplines in place. As part of on-going staff education and training, a specific focus is placed on IT security, IT disciplines, data back-up, password controls, cybercrime awareness, social media and internet usage and the threat of data theft, hacking and phishing. Yes, while we follow tried-and-tested IT best practice policies and procedures, which are aligned to our governance policy i.e. that good hardware and software controls are in place, that the confidentiality of all passwords and password disciplines are tightly maintained and followed, we still seem to be behind the curve. To a limited extent. While we have some controls (e.g. anti-virus software, patch updates, physical security, firewall and password controls) to protect our IT systems and data, these have limitations. Access to our accounting and banking systems and customer data are controlled by passwords but these controls aren't strictly followed. No, we have almost no real IT security policy or IT controls/disciplines in place, and find that policies (e.g. password changes and data back-up) are not followed by trustees/directors/staff. No. We rely totally on basic anti-virus software and have not taken any other specific security measures. We are highly vulnerable. Are IT controls and disciplines adhered to and strictly enforced by Trustee/Directors/Estate Management/Managing Agents/Third-Parties? * Yes – there is good discipline and controls are very strictly enforced Yes to a degree – but these are often bypassed or over riden to get things done No - not at all Not applicable/not necessary Don't know/Can't establish Do the Trustees/Directors/Estate Management/Community Scheme/Developer/Operator/Managing Agent update the virus protection or anti-virus software, software patch updates, personal firewall software and other associated security controls on a regular basis to ensure no weak configurations are in place? * Yes – we pro-actively attend to all these elements Yes to a degree – but we are not pro-active in all areas No - we are very slack in this area and are vulnerable as a result We do the basic minimum requirements when forced to Don't know/can't establish Does the Community Scheme/Trustees/Directors/Estate Management/Developer/Operator/Managing Agent have qualified staff to support and maintain technology and/or IT systems? * Yes – we have qualified dedicated staff to ensure continuity and support of our systems Yes to a degree – we are reliant on outsourced/contracted service providers for our support Not really – we are totally reliant on ad-hoc third parties/Managing Agent for our support Not required/not applicable No, not at all. We are vulnerable here/rely on whoever we can. Do the Trustees/Directors/Estate Management/Community Scheme/Developer/Operator/Managing Agents only make use of licensed/registered software? * Yes No Not applicable Don't know/can't establish Does the Community Scheme have their own secure web-site? * Yes, secure hosted web-site which is actively managed. Yes to a degree. Hosted and managed by external parties but could be improved. Yes, but the site is often down and/or is not maintained or monitored. Site is vulnerable to hacking. No. Do the Trustees/Directors/Estate Management/Community Scheme/Managing Agent/Developer/Operator make use of social media and/or app and/or web-site and/or messaging services and/or email e.g. Facebook site, Whatsapp group or bulk sms's for critical communication to owners/tenants/lessees and for the reporting of maintenance or operational issues? * Yes, actively utilised Yes to some degree No Is the Facebook page/web-site/social media and/or the messaging group for the Community Scheme well managed, controlled and subject to strict conduct and use conditions? Is the Facebook page/web-site/social media and/or the messaging group for the Community Scheme well managed, controlled and subject to strict conduct and use conditions? Is the Facebook page/web-site/social media and/or the messaging group for the Community Scheme well managed, controlled and subject to strict conduct and use conditions? * Yes - well managed, disciplined and controlled Yes to some degree - stale and obsolete content/not always well managed No, not really - has lost focus/no clear ownership/has mixed messaging/being abused for personal gain No, not at all - not being attended to/no longer functional/has become defunct Don't know/Can't establish If you are human, leave this field blank. Submit
