The spirit of the following principles from King III, applicable to risk management, could be replicated in the public sector environment.
King III states:
· The Board should be responsible for the governance of risk;
· The Board’s responsibility for risk governance should manifest into a documented risk management policy and plan;
· The Board should determine the levels of risk tolerance;
· The Board should be assisted by the risk committee or audit committee to carry out its risk responsibilities;
· The Board should delegate to Management the responsibility to design, implement and monitor the risk management plan;
· The Board should ensure that risk assessments are performed on a continual basis;
· The Board should ensure that frameworks and methodologies are implemented to increase the probability of anticipating unpredictable risks;
· The Board should ensure that Management considers and implements appropriate risk responses;
· The Board should ensure continual risk monitoring by management;
· The Board should receive assurance regarding the effectiveness of the risk management process; and
· The Board should ensure that there are processes in place enabling complete, timely, relevant, accurate and accessible risk disclosure to stakeholders.