Governance element
 Principle/s
 Summary recommendation/s
 Difference to King II
Chapter 2. Boards and directors
Role and function of the board
 2.13. The board should report on the effectiveness of the company’s system of internal controls
 Refer to chapters 7 and 9
 Similar to King II but implications are broader considering new King III recommendations
Chapter 3. Audit committees
Internal assurance providers
 3.8. The audit committee should be an integral component of the risk management process
 The audit committee should specifically have oversight of:
  • Financial reporting risks
  • Internal financial controls
  • Fraud risk as it relates to financial reporting
  • IT risk as it relates to financial reporting.
 New requirement
Chapter 3. Audit committees
Reporting
 3.10. The audit committee should report to the board and shareholders on how it has discharged its duties
 In reporting to the shareholders on its
statutory duties, the audit committee
must report on (amongst others):
  • The committee’s view on the
    financial statements and the
    accounting practices
  • Whether the internal financial
    controls are effective
  • The audit committee should
    recommend the integrated report for
    approval by the board.
 New requirement
Chapter 4. The governance of risk
The board’s responsibility for risk
governance
 4.1. The board should be responsible for the governance of risk
 A policy and plan for a system and
process of risk management should be
developed.

The board should comment in the integrated report on the effectiveness of the system and process of risk management.
 Similar to King II but implications
are broader considering new King III
recommendations
Risk assurance 4.9. The board should receive assurance regarding the effectiveness of the risk management process Internal audit should provide a written assessment of the effectiveness of the system of internal controls and risk management to the board. Similar to King II but implications are broader considering new King III recommendations
Chapter 7. Internal audit
  7.3. Internal audit should provide a written assessment of the effectiveness of the company’s system of internal controls and risk management
 Internal audit should form an integral part of the combined assurance model as internal assurance provider.

Internal controls should be established not only over financial matters, but also operational, compliance and sustainability issues.

Companies should maintain an effective governance, risk management and internal control framework.

Internal audit should provide a written assessment of internal controls and risk management to the board.

Internal audit should provide a written assessment of internal financial controls to the audit committee.

Management should specify the elements of the control framework.
 New requirement