It is therefore imperative for organisation leaders to understand the importance of corporate governance, regulatory compliance and the global trends that influence it.
This is according to Jeanetha Brink, owner of Jeanetha Brink Consulting, who addressed ITWeb's Governance, Risk and Compliance conference in Bryanston, Johannesburg today.
Brink highlighted the importance of the governance of ICT and the essential role it plays in efficient operations, value creation and effective risk management.
"Poor governance mostly occurs due to a lack of awareness. Industries can be regulated, but people's behaviour must be guided. Understanding legislation as well as the economic considerations and international perspectives will determine people's behaviour," she asserted.
Brink discussed the four main themes in corporate governance: improvements in cyber security awareness and preparedness, expansion of proactive shareholder engagement, board performance, and work done by audit and risk committees.
"The importance of cyber risk transcends borders, with companies facing serious consequences when they don't comply with laws; hence we need to see many more organisations stepping up in cyber security awareness and preparedness. Security of data is of paramount importance and an organisation's risk appetite should be clearly defined through risk-management assessment programmes," she advised.
The company board, C-suite and operational staff have to be adequately aware of risks and sufficiently prepared, continued Brink.
She unpacked research findings on global trends identified by research firm Deloitte and communications consultancy Russell and Associates, to guide local organisations on what is happening globally and who to place accountability on.
"Shareholder activism is strong in the US and is expected to pick up in Europe. International regulators require onerous risk coverage with requirements regarding internal controls and risk management. There are also rapid technology advancements which create both opportunity and risk.
"The research also found there is still profound technology ignorance, with most board members found to have all three identified risks: cyber security, BYOD and social media. Institutional investors are holding board members increasingly accountable for company performance and they demand greater transparency and engagement with directors," she noted.
Brink made reference to the growing international trend of the separation of information and technology.
"Organisations are increasingly recognising ‘information' in isolation of ‘technology'. Information is perceived as a corporate asset that is part of the company's stock of intellectual capital, while technology is used to access, protect and manage information. There is a need for the board to periodically assess information as well as the technology function," concluded Brink.