Since the deregulation of Voice over Internet Protocol (VoIP) in 2005, many South African organizations are now attempting to leverage its cost saving and competitive values. However, it has been recently cited that VoIP is one of the greatest new risks to organizations and this risk is cited to increase Information Security insurance premiums in the near future. Due to the dynamic nature of the VoIP technology, regulatory and legislative concerns such as lawful interception of communications and privacy may also contribute to business risk. In order to leverage value from the VoIP implementation, an organization should implement the technology with knowledge of the potential risk of civil liability. This is further highlighted by the King III Report which indicates that the Directors of an organization should be ultimately responsible for Corporate Governance and, therefore, IT Governance and Information Security Governance. The report goes further to say that any newly implemented technology, such as VoIP, should comply with all South African legislation and regulations. This responsibility encourages the practice of both due care and due diligence. However, recent trends exercised by Information Security professionals, responsible for drafting Information Security policies and related procedures, often neglect the regulatory requirements and choose to only implement international best practices with no consideration of the risk of civil liability. Although these best practice frameworks may inadvertently comply with existing local legislation, a chance of an oversight is possible. Oversights may not only result in criminal sanctions, but also civil action due to losses or damages suffered. With regard to implementing VoIP, good Corporate Governance could potentially be ensured through the use of both identified regulations and relevant international best practices. This dissertation aims to aid organizations in avoiding or at least mitigating the risk of civil liability to better leverage VoIP’s value, through good Corporate Governance practices. This should aid in the exercise of due care and due diligence when implementing VoIP as a means of conducting business communication.
| Identifer | oai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:nmmu/vital:9812 |
| Date | January 2012 |
| Creators | Gerber, Tian Johannes |
| Publisher | Nelson Mandela Metropolitan University, Faculty of Engineering, the Built Environment and Information Technology |
| Source Sets | South African National ETD Portal |
| Language | English |
| Detected Language | English |
| Type | Thesis, Masters, MTech |
| Format | ix, 193 leaves, pdf |
| Rights | Nelson Mandela Metropolitan University |
Page generated in 0.0011 seconds