Basic Principles of the King III Code as it relates to IT:
- A board of directors can delegate responsibilities of risk management to risk committees;
- The audit committee should be an integral part of any IT risk management process; and
- The board of directors should ensure that IT is aligned with greater business objectives and the sustainability of the organisation as a whole.
IT principles to consider within an organisation:
- IT governance issues to consider within a corporation, which form part of the rationale for implementing King III:
  - Risks and controls;
  - Business continuity;
  - Data recovery;
  - Information security;
  - Privacy;
  - Understanding of risks and controls;
  - Review of risk management plan;
  - Education and awareness;
  - Change management.
- General business objectives in aligning governance within the business with King III, particularly in the IT arena:
  - Strategic alignment and collaborative solutions;
  - Value delivery;
  - Risk management;
  - Resource management.
- IT security alignment issues:
  - Triumvirate of confidentiality, availability and integrity;
  - Protection of information in a knowledge economy.
- Underlying benefits of following King III and its recommendations pertaining to IT risk management and governance:
  - Enabling of business strategy;
  - Sustaining of normal operations;
  - Management of risk;
  - Avoidance of unnecessary cost, both legal and operational.