IT Alignment to King III

The King Committee on Corporate Governance in South Africa has placed IT firmly on the board agenda. “In exercising their duty of care, directors should ensure that prudent and reasonable steps have been taken regarding IT governance”. King III goes on to say that “the board should be responsible for IT governance”.

The board is expected to provide leadership, ensure proper value delivery and effectively manage IT risks. Why is this a board level problem? The pervasive nature of information technology is such that there are inherited information risks across the organizations value network. This is a scary thought - by implication there is inherited risk between organizations in outsourcing contracts for example. But let’s focus on the challenge inside the organization. The board needs assurance that information resources are managed effectively and efficiently to achieve corporate objectives.