Print
Infosec and King II
June 25, 2008 – 7:40 am by Lance MichalsonDirectors and management can longer hold the view that “to err is human - and to blame it on a computer is even more so“ (Robert Orben).
The “King Report on Corporate Governance for South Africa 2002″ (King II) was released in March 2002. The purpose of King II is to promote the highest standards of corporate governance in South Africa.
King II also gives expression to one of the cornerstone goals of any information security programme, namely “accountability” (the ability to identify the person or organisation that performed or are responsible for actions affected). (Examples of accountability would be (i) accepting responsibility for educating and training employees in the risks posed by the use of technology in the workplace and (ii) accepting responsibility for the organisations information management and information retention processes.)
When it comes to information security, King II does not specifically impose any obligations on the Board of Directors and management. However, certain of the recommendations do impact on information security.
- Subscribe - unlimited access for R495 per month per subscriber. It's quick and easy, and you can unsubscribe at any time. Find out more about the benefits of subscribing. Why you should pay for the content. Subscribe Now.
- Register - limited access for FREE, and without obligation. It's quick and easy to get greater access instantly. Select "Free Account" under the Subscription Options. [ Register ]
Similar:
- IT Governance in King III
- Corporate Governance and IT in South Africa
- The link between the governance principles in King III and the law
- King 3 published for comment
- Current Infosec Trends
Sorry, comments for this entry are closed at this time.