Why choose the IT Governance Network?

Global leaders in the design and implementation of IT governance frameworks and mechanisms.

More than 10 years experience in the protection of personal information (POPIA).

Consulting services, software solutions and wide range of training available.

POPIA Compliance Framework and Monitoring System

POPI Compliance FrameworkThe Protection of Personal Information Act is technical and complex, it requires a wide range of technical and organisational measures to be implemented to protect the rights of natural and juristic persons to privacy.  To ensure compliance, the Information Regulator requires all organisations to develop and implement a compliance framework so that they can effectively monitor the protection afforded natural and juristic persons. 

A functionally rich POPIA Compliance Framework and Monitoring System supports small and large organisations effectively and efficiently achieve POPIA compliance. It enables organisations to jump start their POPIA programme by implementing an international standards-based POPIA compliance framework.   

More about the POPIA Compliace Framework and Monitoring System ...

ICT Governance Training

The Corporate Governance of ICT Policy Framework (Framework) was developed by the Department of Public Service and Administration in cooperation with the Government Information Technology Officer Council. Cabinet approved the Framework on 21 November 2012 and its applicability to all National and Provincial Departments, Provincial Administrations, Local Government, Organs of State and Public Entities.

The head of department is responsible for the implementation of good ICT governance.


The purpose of ICT governance is to ensure that the acquisition, management and use of information technology by departments improves:

  • direct or indirect service delivery to the public, including but not limited to, equal access by the public to services delivered by the department
  • productivity of the department
  • cost-efficiency of the department.

The lack of a governance-wide IT governance framework has resulted in a fragmented approach to the implementation of and adherence to policies and standards, and unlocking the value that ICT could contribute  to business enablement.


To ensure compliance departments are required to annually report to the  Department of Public Service and Administration in accord with the Corporate Governance of ICT Assessment Standard as part of the Management Performance Assessment Tool of the Department of Performance Monitoring and Administration.


Non-compliance will be managed in terms of Section 16A of the Public Service Act.

Read more about ICT Governance ... 


Description of the Corporate Governance of ICT course

The Corporate Governance of ICT Policy Framework is based on principles found in the King III Code, ISO/IEC 38500 and COBIT 5. It stipulates certain governance practices for a government entity's Executive Authority, the Head of Department, the Risk and Audit Committee, and the Executive Management. The policy framework also outlines the implementation approach to be used, and sets out the high-level activities in a three phased approach.

This seminar provides delegates with a clear understanding of the overall policy framework and the relevant sections of the King III Code, ISO/IEC 38500 and COBIT 5.

After attending this seminar delegates will understand the implementation approach to be used and the high-level activities of the three phased approach.


The purpose of this seminar is to assist participants understand how to implement the Corporate Governance of ICT Policy Framework and specifically address the requirements of the three phases.

On completion of this seminar, participants will be able to:

  • Demonstrate an understanding of Corporate Governance of ICT policy framework
  • Articulate how King III, ISO/IEC 38500 and COBIT 5 fulfill the requirements for the Corporate Governance of ICT
  • Assist the Executive Authority and HoD fulfil their governance responsibilities and Executive Management fulfil their responsibilities to implement and manage ICT
  • Develop an ICT Governance framework
  • Design and implement a management system for IT
  • Design and implement the core processes and components of the Framework using COBIT 5.


The role and responsibilities of the Executive Authority, Head of Department and Executive Management for the implementation of an ICT Policy Framework.

The key sources that have influenced the development of the Policy Framework:

  • Public Service Act and Regulations (as amended)
  • Public Finance Management Act
  • State IT Agency Act and Regulations (as amended)
  • The Corporate Governance of ICT Policy Framework
  • CGICT Assessment Standard
  • COBIT 5 Processes: EDM1, APO1, APO2, DSS1 and MEA1.

An overview of the Corporate Governance in the Public Sector, Corporate Governance of ICT in the Public Sector, the Objectives, the Principles, the Corporate Governance of ICT Practices, and the Enabling Structures, including:

  • Implementation of an ICT governance framework (based on King III, ISO 38500 and COBIT 5)
  • Creating an accountability framework and defining roles and responsibilities
  • Implementing the Policy Framework and drafting effective IT policies
  • Developing an ICT Governance Charter
  • Implementing an effective management system
  • Integrating processes and institutionalising capability
  • Aligning IT operations with organisational goals and strategic objectives
  • Creating value, optimising risk management and resource usage
  • Managing risks, implementing a system of internal controls and ensuring regulatory compliance.

COBIT 5 Assessor mistakes!

Common mistakes by COBIT 5 assessors.

View video

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.


COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.


POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.


Go to top