IT Governance, Risk and Compliance – legal lens

John Giles

Many people are not aware of the legal aspects of IT Governance, Risk and Compliance (IT GRC).  What must an organisation comply with?  What should you consider?  What IT legal risks should be addressed? What impact does the law have on information, communication and technology?

The importance of IT Governance has been highlighted by a whole chapter of King III being dedicated to the topic. It is a very important part of good corporate governance. King III says that “good governance is not something that exists separately from the law and it is entirely inappropriate to unhinge governance from law”. Are you aware of the legal aspects of IT Governance?

We offer a seminar, workshop, webinar or executive briefing on the subject. Get a working understanding of the legal aspects of IT Governance, Risk and Compliance. Get up-to-speed quickly.

What do we cover?

  • Laying the foundation – IT Governance, Risk and Compliance (IT GRC)
  • Why IT GRC matters
  • Exploring the link between the governance principles in King III and IT law
  • What does COBIT say about the law and compliance?
  • Compliance with IT laws
  • Consideration of IT rules, codes and standards
  • What must your organisation comply with?
  • Addressing IT legal risks
  • Who is responsible?
  • Parliament has gone mad
  • An overview of IT laws – an analogy with a plumbing system
  • The practical application of the law to real issues (things like electronic signatures, email disclaimers, social media, and cloud computing)
  • The latest developments, including recent South African case law on Facebook and Gmail
  • Tips for successful projects
  • Questions you should be asking
  • The process you should follow
  • Using frameworks – like an IT Legal Framework
  • Looking at solutions – keep the end in mind
  • Some quick wins
  • Factors for success
  • Take home points and Action items


  • Know how you can monitor, evaluate, and assess compliance with external legal and regulatory requirements related to IT
  • Understand the BIG PICTURE
  • Know who is responsible and why
  • Get a working understanding of the effect of IT laws on your organisation and its business
    • Get an overview of IT laws, including the ECT Act, RICA, PAI Act, and the Protection of Personal Information Bill
    • Become sufficiently familiar with the general content of IT laws to discharge your duties
  • Understand the context of IT laws and how they interact
  • Be the King or Queen of the board room
  • Get our insights on running a successful project
  • Get some quick wins
  • Be aware of the latest developments

See the article Are you aware of applicable IT laws for more information.

“Legal experts were brilliant” – delegates at an IT Governance, Risk and Compliance conference

Who should attend? Why should they be aware of IT laws?

  • Directors (executive and non-executive, CEOs and FDs) – to discharge their legal duties and direct the course of the organisation
  • CAEs, auditors and assurance providers (internal and external) – to audit and provide assurance regarding IT
  • CROs and Risk Managers – to address IT legal risks
  • CIOs and IT Managers – to manage IT
  • IT Operators – to ensure that IT operates
  • IT Security officers – to secure IT
  • Information (protection) officers – to balance access to information and protection of personal information
  • IT Governance officers and specialists – to govern IT
  • Compliance officers – to effectively comply with IT laws
  • Consultants – to advise and provide solutions on IT-related issues
  • Legal advisors (corporate lawyers or in-house lawyers) – to provide good legal advice on IT issues
  • Attorneys and advocates – to provide good legal advice on IT issues

Who is the presenter?

John Giles, Partner, Michalsons Attorneys
John is an information, communications and technology (ICT) lawyer. He has 10 years of experience applying his knowledge to organisations to help them grow and avoid legal problems, difficulties, and disputes. He is a member of the King III IT Governance Sub-Committee. He is currently helping many organisations comply with and consider IT laws, rules, codes and standards and address IT legal risks. John finds the best board meetings to be in a suit in the surf.

How long is it?

It depends on the format – anything from 45 minutes to a full day.

What does it cost?

Please email us asking for a quote.


The webinar is online. It is live, so you can ask questions to make sure that you get the information you are looking for.

If you want a personal in-house seminar at your offices, please contact us and we will send you a quote.

Still have questions?

Click here to find out more about webinars. If you have any questions please email support@michalsons.com.
