Description of the King IV - Information and Technology Governance course

King IV defines South Africa’s requirements for information and technology governance. The King IV Principle 12 recommends practices for the governance of information and technology that align with governance principles and governance outcomes. COBIT® is an IT governance and management framework from ISACA. It provides practical guidance for the implementation of IT governance in accordance with King IV.

Governance systems should be designed to reinforce and govern a holistic and inter-related set of arrangements that can be understood and implemented in an integrated manner using organisational structures, processes and ethical, conscious behaviour.

SEMINAR OBJECTIVES

This seminar will assist participants understand the King IV requirements for information and technology governance and learn how to improve their current capability to govern technology and information.

On completion of this seminar, participants will be able to:

• Demonstrate an understanding of King IV corporate governance framework, the applicable principles and practices for information and technology governance
• Articulate a plan of action to address the requirements of King IV and assist the Board and CIO fulfil their governance responsibilities as set out in King IV
• Design and implement a governance framework and management system for the information and technology governance practices of King IV
• Develop an accountability framework
• Perform reviews and report on the information and technology governance framework.

COURSE CONTENT

• The role of the board and CIO in governing the way information and technology supports the organisation
• Developing policy for the articulation of strategic direction and adoption of appropriate standards and frameworks
• Implementing policy for enterprise-wide information and technology management, long and medium-term decision-making and day-to-day operations
• Techniques for establishing adequacy and effectiveness of information and technology management
• Governance of cyber-security risk and opportunity
• Performing formal reviews of the adequacy and effectiveness of an organisation’s information and technology function
• Minimum requirements for the disclosure of structures and processes for information and technology management.

View the SEMINAR SCHEDULE at the top of this page for details of these King IV courses.

Description of the King IV - Compliance Governance course

King IV defines South Africa’s requirements for compliance governance. The King IV Principle 13 recommends 8 practices for compliance governance that align with governance principles and governance outcomes. The recommended practices include strategic direction and policy on compliance from the governing body and the adoption of the appropriate standards and framework to give effect to the policy.

King IV recommends that the governing body delegate to management responsibility for implementing policy on enterprisewide compliance management and for embedding it into the day-to-day, medium and long-term decision making, activities and culture. The governing body is to oversee management of compliance with laws and adherence to non-binding rules, codes and standards.

King IV requires practices that align with principles, and principles that align with governance outcomes. Governance systems should be designed to reinforce and govern a holistic and inter-related set of arrangements that can be understood and implemented in an integrated manner using organisational structures, processes and ethical, conscious behaviour.

ISO 19600 is an international stardard provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective and responsive compliance management system within an organization.

ISO 19600 requires that the governing body and top management demonstrate leadership and commitment with respect to the compliance management system by establishing and upholding the core values of the organization, ensuring that the compliance policy and compliance objectives are established and are consistent with the values, objectives and strategic direction of the organization and ensuring that policies, procedures and processes are developed and implemented to achieve compliance objectives.

SEMINAR OBJECTIVES

This seminar will assist participants understand the King IV requirements for compliance governance and learn how to improve their current capability to fulfil compliance obligations and achieve compliance objectives.

On completion of this seminar, participants will be able to:

• Demonstrate an understanding of King IV corporate governance framework, the applicable principles and practices for compliance governance
• Articulate a plan of action to address the requirements of King IV and assist the governing body and top management fulfil their compliance governance responsibilities as set out in King IV
• Design and implement a compliance governance framework and management system using the guidance of ISO 19600
• Develop a suitable accountability framework, organisational structures, policies, processes and practices
• Perform reviews and report on the compliance governance framework.

COURSE CONTENT

• The role of the board and top management in governing how compliance supports the organisation
• Developing policy for the articulation of strategic direction and adoption of appropriate standards and frameworks
• Implementing policy for enterprise-wide compliance management, long and medium-term decision-making and integration into day-to-day operations
• Managing compliance with laws and adherence to non-binding rules, codes and standards
• Mechanisms for monitoring and assessing adequacy and effectiveness of compliance
• Undertaking formal reviews of the adequacy and effectiveness of the organisation’s compliance function.

OVERVIEW

The Protection of Personal Information Act requires that responsible parties ensure that any processing of personal information conforms with the eight conditions for the lawful processing of personal information. The processing of human resources (HR) information of job applicants and workers is an area of high-risk.

SEMINAR OBJECTIVES

Participants will obtain an understanding of the legislative requirements for the processing of personal Information that apply to Human Resource management. On completion of this seminar, participants will be able to:

• Demonstrate an understanding of the impact of the Protection of Personal Information Act on the processing of HR information.
• Be able to communicate the key aspects of the Protection of Personal Information Act that impact HR
• Articulate the HR activities that require attention as a result of the Protection of Personal Information Act
• Clarify responsibilities of HR personnel involved in the processing of personal information
• Develop and implement a compliance framework for the protection of personal information in the HR function
• Perform a privacy impact assessment
• Develop a privacy plan for HR information
• Monitor the compliance framework for privacy in HR.

SEMINAR OUTLINE

Participants will learn through discussion and practical examples how to prepare for and address the organisational, procedural, technical and legal requirements of the legislation for the Protection of Personal Information that impact Human Resources.

This seminar includes topics about:

• Overview and key components of the Protection of Personal Information Act
• Accountability for the processing of personal information
• Conditions for lawful processing of personal information
• Identifying personal information and the category of special personal information
• HR practices that do not comply with the Protection of Personal Information Act
• Good privacy practices of the HR staff
• The development, implementation and monitoring of the HR function's compliance.

• Impact on HR