It is interesting that IT governance is dealt with in various parts of King III™.
IT Governance in the King III Code
- Under the heading “New Issues in the Report” on page 14.
- The governance of information technology is dealt with in principle 5. There are seven principles and 24 recommended practices. It is interesting that for the first time a whole principle is dedicated to IT governance.
- IT governance is defined as “a framework that supports effective and efficient management of IT resources to facilitate the achievement of a company’s strategic objectives.”
- Information security is defined as “the protection of information from a wide range of threats in order to ensure business continuity, minimise business risk, and maximise return on investments and business opportunities.” and is addressed in principle 5.6.4.
Mentions of IT Governance in the King III Report
- It is first mentioned under the heading in the introduction – Emerging governance trends incorporated in the report.
- Information technology (IT) risks are discussed.
- IT governance and IT security are both discussed.
It is interesting to note that information security is also dealt with in some detail in the draft of the Protection of Personal Information Bill.
CIOs get a special mention
Chief Information Officers (CIOs) and IT managers will be interested in the statement in the report that says that “chief information officers must be business oriented and provide a bridge between IT and the business” and that “Larger companies may consider appointing a chief information officer to take responsibility for the implementation and monitoring of IT governance within the company. Smaller companies may not appoint an individual responsible for this role, but should assign the responsibility to executive management reporting directly to the board.”
We have drafted a mindmap of the IT Governance aspects of the King III™ Report to help people get to grips with how it is dealt with in the draft.
Note: Copyright and trademarks for the King III™ and IV Report on Corporate Governance™ are owned by the Institute of Directors in Southern Africa. All views are our own and we are not endorsed in any way by the Institute of Directors in Southern Africa.