“Information systems were used as an enabler to business, but have now become pervasive in the sense that they are built into the strategy of the business. The risks involved in information technology (IT) governance have become significant. We therefore deal with IT governance in detail in King III for the first time.
There is no doubt that there are operational risks when one has a service provider because confidential information leaves the company.
In IT governance, one seeks confidentiality; integrity and availability of the functioning of the system; possession of the system, authenticity of system information; and assurance that the system is usable and useful.
Concerns are unauthorised use, access, disclosure, disruption or changes to the information system.”
Judge Mervyn E King, SC, King Committee Chairman, King Code of Governance for South Africa