Mapping the Information Technology (IT) governance requirements contained in the King III Report to the IT domains and processes of the Control Objectives for Information and Related Technology (COBIT) framework
Date
2009-12
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Stellenbosch : University of Stellenbosch
Abstract
ENGLISH ABSTRACT: Due to the integration of IT into all aspects of modern-day businesses, it is vital that the
risks associated with IT are governed as an integral element of enterprise-wide corporate
governance. The Third King Report on Corporate Governance (King III) was issued by the
South African Chapter of the Institute of Directors in September 2009 and becomes
operational on 1 March 2010. This marks the first time that the King Report has specifically
addressed IT governance.
King III will apply to all corporate entities. Such entities could benefit from applying an IT
governance framework to ensure that they adequately address all aspects of IT
governance, as required by King III. One of the comprehensive frameworks available is
COBIT (Control Objectives for Information and Related Technology) issued by ISACA
(previously known as the Information Systems Audit and Control Association). King III
mentions the fact that COBIT could be used to assess and implement IT governance within
an entity.
The aim of this research is to determine whether the use of COBIT ensures compliance
with King III’s requirements relating to IT governance. It was found that the main
requirements in King III relating to IT governance and the processes of COBIT are well
aligned, and, as a result, COBIT could be used effectively to ensure compliance with King
III in relation to IT governance. However, an entity would still have to pay attention to
certain King III-specific requirements.
Furthermore, it was found that the application of the principles in COBIT could further
strengthen the IT governance of an entity, as COBIT also addresses the more detailed
activities, such as the implementation and operation of the IT system, which is not
specifically addressed by King III.
Description
Thesis (MAcc)--University of Stellenbosch, 2009.
Keywords
Information Technology (IT) governance, Third King Report on Corporate Governance (King III), Theses -- Accountancy, Dissertations -- Accountancy