King IV Report For Corporate Governance: What It May Mean For Your Organisation

Compliance Management | 3 Min Read |10 November 16|by BLOG ADMIN

The fourth edition of the KING report builds on the best practices and principles in corporate governance in South Africa. The draft report was published in Mar 2016 and post the comments phase, the report was finally launched at the Sandton Covention Center in Johannesburg on 1 Nov 2016. The last edition of the report – King III was launched in 2009 post the financial crisis, and since then the global environment has changed significantly due to climate change, geo-political issues, population growth, and above all, rapid technological developments. Therefore, good corporate governance has become vital for sustainable value creation not only in South Africa, but also in the global context.

This is also the primary objective for King IV where promotion of good corporate governance in business is going to benefit an organization in terms of developing an ethical culture, enhance performance and value creation, help the governing bodies or regulators to exercise effective control, and help build confidence in an organization which will in turn strengthen its reputation. King IV will also look to broaden the scope of application of good corporate governance by making it accessible and suitable for organizations of various sizes, resources and complexity. The code defines the responsibilities of a governing body which include providing strategic direction, approving policy for putting this strategy to action, and have oversight of implementation for these policies.

Some of the underpinning philosophies of King IV have been refined from the previous version and are likely to have a significant impact on the risk, compliance and information technology governance programs in the organizations.

Risk and Opportunity Governance

The new report challenges the traditional view of risk as merely being the effect of uncertainties in achieving organizational objectives. It talks about measuring risk in terms of likelihood of an event occurring, and its impact on business, both positive and negative. This becomes all the more relevant in a highly uncertain and volatile environment which each event may be beneficial or detrimental to the organization.The risk environment is also evolving continuously and becoming more systemic due to increased connectivity and technological developments, and the risk management frameworks need to keep pace with the ongoing change.

Technology and Information Governance

Technology has become pervasive in the functioning of any organization as most of their operations are supported by information technology systems. King IV talks about technology and information governance as an enabler for an organization to achieve its core objectives and goals. In addition to formulating and implementing policies on technology and information management, the governing body should also have oversight on cyber risk management and make sure that it is integrated into the overall enterprise risk management framework in the organization.

Elevated Focus on Compliance

The regulatory environment has become highly dynamic, and the compliance organization needs to understand the ever changing obligations, and the entailing laws, rules, codes and standards. The underlying message is that compliance should not just be taken as an obligatory exercise, but should lead to sustainable value creation for an enterprise. There needs to be more proactive engagement between the regulators and the regulated.

Assurance and Internal Audit

King III introduced the combined assurance model, and King IV further builds on it by expanding the traditional ‘three lines of defense’ to ‘five lines of assurance’ which includes all assurance players. It stresses the need to build a robust control environment and strong reporting for effective decision making. The audit committee should be responsible for overseeing the implementation of this model. Internal audit is essential as the third line of assurance and its role has further progressed to provide insights into the business operations and performance, especially through the use of trend analysis, pattern recognition, analysis and scenarios.



Leave a Comment

The content of this field is kept private and will not be shown publicly.
9 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.


Posted Article: 113

Read More

Top Posts

The Next-Gen CISO - Building Cyber Resilience with Cyber GRC

IT Risk & Cyber Risk | | 5 Min Read

AWS Security Lake and OCSF: A Cyber Risk Perspective

IT Risk & Cyber Risk | | 4 Min Read

10 GRC Trends to Watch Out for in 2023

GRC | | 1 Min Read

Experience the Power of Connection

GRC | | 3 Min Read

Insurance Industry. Strengthen Cyber Resilience Now!

IT Risk & Cyber Risk | | 3 Min Read


Ready to get started?

Speak to our experts Let’s talk