An Information Security Best Practice Guide for South African Directors has been released by the Institute of Directors (IOD) to help local companies implement information security within the framework of the King II report.
The guide was developed by two ICT law firms - Michalsons Attorneys and Goldman Judin Maisels - as an explanatory guide, which is part of a series that has been generated by the King Report into Corporate Governance in SA (King II).
Originally released in 2002, the King II report, while dealing extensively with corporate governance issues, had little to say directly about IT and the security issues related to it.
IOD executive director Tony Dixon says the time taken to issue such a guide depended on requests from the institute`s members and the discussions by its portfolio committee on corporate governance in issuing draft guide lines.
"Directors are becoming more aware of information security than before when it was somewhat neglected. IT is the lifeblood of companies these days and when the heart stops pumping they know they will die," he says.
The main purpose of the guide is to serve company directors who have embraced the provisions of the King II report, to serve as a benchmark for the success in deploying information security measures and to raise the level of awareness to an organisation`s profitability and well-being.
People who should read the guide include directors, chief information security officers, chief information and chief technology officers and company legal departments.
The guide goes into the key considerations when making information security decisions. This includes the business value of having secure e-channels to market, the business risk that arises with the lack of information security, the compliance requirements of legislation, and the cost of information security systems.
Share