Abstract
In today’s technologically advanced business environments, Information Technology (IT) has become the center of most businesses’ strategic activities. It is for this reason that the King III report has dedicated a chapter to addressing IT governance principles, holding the board of directors (senior management) responsible for addressing such principles. The King III report does provide broad level guidance, however lack sufficient detail on its interpretation. Although various guidelines in the form of IT control frameworks -models and -standards exist, it remains theoretical in nature and companies tend to implement these guidelines in an ad hoc manner. This ad hoc implementation of controls leads to unnecessary controls being implemented, resulting in an ineffective IT governance system that does not address each key strategic risk area. The objective of this research is to develop an integrated best practices framework, which will provide guidance to senior management in how to effectively and efficiently address King III’s IT governance principles by taking a business’ unique strategic objectives into account. A detailed literature review was performed of different control frameworks,-models and standards. These were analysed to identify a list of similar and overlapping control areas. These control areas were thereafter mapped to a list of strategic objectives applicable to most businesses. In doing so, effective and efficient IT governance principles which are understood by senior management, are able to be implemented.
Highlights
Effective corporate governance principles form the foundation of any successfully managed company
A recent significant development occurred when King III report stated that directors and senior management should be held overall responsible for the implementation of good IT governance principles
The control objectives of the Control Objectives for Information and related technology (COBIT) control framework need to be aligned to the chosen business imperatives
Summary
Effective corporate governance principles form the foundation of any successfully managed company. The King III report further suggest that these principles are to be delegated to management who are to be responsible for the (operational) implementation of the IT governance framework, the overall understanding and direction with regards to IT governance matters still remain first and foremost management’s responsibility at a strategic level (defined as developing strategic objectives which will set the company apart from its competitors and give it its competitive advantage) This poses a challenge to directors and senior management since King III’s guidance on how to practically address IT governance, appear vague and unclear (Muller, 2009) and are only addressed at a highlevel
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have