Basic Principles of the King III Code as it relates to IT:

  • A board of directors can delegate responsibilities of risk management to risk committees;
  • The audit committee should be an integral part of any IT risk management process; and
  • The board of directors should ensure that IT is aligned with greater business objectives and the sustainability of the organisation as a whole.

IT principles to consider within an organisation:

  1. IT governance issues to consider within a corporation and part of the rational for implementing King III-
    • Risks and controls;
    • Business continuity;
    • Data recovery;
    • Information security;
    • Privacy;
    • Understanding of risks and controls;
    • Review of risk management plan;
    • Education and awareness;
    • Change management.
  2. General business objectives in the alignment of governance within the business with  King III particularly in the IT arena-
    • Strategic alignment and collaborative solutions;
    • Value delivery;
    • Risk management;
    • Resource management.
  3. IT security alignment issues-
    • Triumvirate of confidentiality, availability and integrity;
    • Protection of information in a knowledge economy.
  4. Underlying Benefits of following King III and its recommendations pertaining to IT Risk management and governance:
    • Enabling of business strategy;
    • Sustaining of normal operations;
    • Management of risk;
    • Avoidance of unnecessary cost, both legal and operational.