With the advent of the King III Code, all institutions now are required to comply with the rules of good practices for corporate governance, and this includes not-for-profit institutions, government bodies and agencies, as well as the private sector. One of the new elements included into King III is the requirement for ICT (Information and Communications Technologies) governance, given the importance that information technologies and systems have in this modern world. The problem is that almost no smaller institutions have the capacity to introduce such governance and are then receiving poor compliance audits as a result.
All museums, libraries, archives and other memory institutions have been moving into the digital space over the past few years. This means that an increasing amount of your records and holdings are in digital form and need to be managed through ICT practice including desktops, laptops, tablets, phones, servers, software, databases, networks, security and many other technologies. If you fail to look after the digital elements of your holdings and records properly, then you may lose it all, and this may cause significant damage to the institution which is costly or even impossible to recover from. The introduction of good ICT Governance is not just to meet the compliance requirements, is part of running a museum, library or archive in this modern world.
We have more than 50 years of combined experience in ICT including advising our clients on ICT Governance and best practices. Over the past few years, we have developed an ICT Policy Framework to assist smaller institutions in complying by simply following a smaller set of policies and procedures, which can be applied no matter the side of the institution and the capacity in terms of ICT personnel and skills. This Framework is adapted to the needs of each institution and is sufficient to demonstrate that your institution is in compliance with the King III and other codes of practices. Our work her is performed under our ETHER Governance business unit which also helps with strategic plans and policy development.
Our ICT Policy Framework accommodates around 20 core policies which help you to govern many of your standard operations, such as user access, Internet usage policies, management of digital data and records, and backups.
We would be very happy to talk to you about your needs and especially how you can deal with audit queries concerning non-compliance in ICT policies and practices.
Please contract Roger Layton at roger.layton@ether.co.za or on 082.881.0380.