LITERATURE REVIEW

2.10. LOCAL GOVERNMENT LEGISLATIVE FRAMEWORK IN SOUTH AFRICA

Cyber-security efforts in South Africa are led by the Cyber Response Committee which operates under the State Security Agency’s oversight (Symantec, 2016b). This interim committee has the following role players:

a) South African Police Service (SAPS), which plays the role relating to the investiga t io n of cybercrimes.

b) Department of Telecommunication and Postal Services is the custodian of a cyber hub, and supports initiatives to ICT users on cyber-security matters.

c) Department of Justice and Constitutional Development whose role is legisla t io n drafting.

d) State Security Agency provides administration support to the Cyber Response Committee and is also responsible for the implementation of cyber-security initiat i ves in the country whilst waiting for promotion of comprehensive legislation on various aspects of cyber-security.

e) Department of Science and Technology plays a significant role in the development and implementation of research and initiatives to advance the needed skills to deal with cyber aspects in the country.

f) Department of International Relations and Cooperation, which is responsible for international relations specific to cyber-security.

g) Department of Defence is responsible for the cyber offensive and defensive development and implementation thereof.

2.10. LOCAL GOVERNMENT LEGISLATIVE FRAMEWORK IN SOUTH

government consists of municipalities, which must be established for the whole of the territory of the Republic; (2) The executive and legislative authority of a municipality is vested in its municipal council; (3) A municipality has the right to govern, on its own initiative, the local government affairs of its community, subject to national and provinc ia l legislation, as provided for in the Constitution, and (4) The national or a provinc ia l government may not compromise or impede a municipality’s ability or right to exercise its powers or perform its functions” (RSA, 1996).

Municipal responsibilities are presented in section 152 which states that “(1) the objects of local government are-

(a) To provide democratic and accountable government for local communities;

(b) To ensure the provision of services to communities in a sustainable manner;

(c) To promote social and economic development;

(d) To promote a safe and healthy environment; and

(e) To encourage the involvement of communities and community organisations in the matters of local government”

Section 155 of the constitution makes provision for the establishment of municipalities under the following categories. It states:

“(a) Category A: A municipality that has exclusive municipal executive and legislative authority in its area.

(b) Category B: A municipality that shares municipal executive and legislative authority in its area with a category C municipality within whose area it falls.

(c) Category C: A municipality that has municipal executive and legislative authority in an area that includes more than one municipality”.

2.10.2. The Municipal Finance Management Act, No.56 of 2003

National Treasury introduced financial management reforms across government in 1994 and in local government in 1996. The Municipal Finance Management Act (MFMA) is the cornerstone of the local government reform, and seeks to provide a framework for financ i a l management to maximise municipalities’ capacity to deliver services as entrenched in the

Constitution (RSA, 2003). This act intends to establish a sound financial governance framework by describing roles and responsibilities of officials, the Mayor, and Council.

Cyber-security initiatives are dependent on the management support which could include financial support. The financial support ought to fall under the ambits of MFMA. The prescripts of MFMA must be met including budgeting requirements if management is to provide financial support to implement cyber-security processes in the municipality.

2.10.3. Municipal Systems Act, no 32 of 2000 (MSA)

The Municipal Systems Act (MSA) (RSA, 2000) states that “A municipality-

(a) is an organ of state within the local sphere of government exercising legislative and executive authority within an area determined in terms of the Local Government: Municipal Demarcation Act, 1998;

(b) consists of-

(i) the political structures and administration of the municipality; and (ii) the community of the municipality;

(c) functions in its area in accordance with the political, statutory and other relationships between its political structures, political office bearers and administration and its community; and

(d) has a separate legal personality which excludes liability on the part of its community for the actions of the municipality”.

One of the objectives of the act is to ensure universal access to essential services (RSA, 2000). The MSA refers to basic municipal services as “a municipal service that is necessary to ensure an acceptable and reasonable quality of life and, if not provided, would endanger public health or safety or the environment” (p, 14). Cyber-security breaches can be one of the serious risks that can negatively impact the municipality to deliver some of such basis services. Section 4 (2)(a) of MSA Chapter 2 prescribes that “the council of a municipalit y, within the municipality's financial and administrative capacity and having regard to practical considerations, has the duty to exercise the municipality's executive and legislative authorit y and use the resources of the municipality in the best interests of the local community” (RSA, 2000).

2.10.4. Local government: Municipal Structures Act 117 of 1998

The Structures Act prescribes the municipalities in the country to develop an Integrated Development Plan (IDP) which is a strategic plan document for municipalities (RSA, 1998).

Section 26 of the Structures Act presents components that must be contained in an IDP document and it states that “An integrated development plan must reflect (a) the munic ipa l council's vision for the long term development of the municipality with special emphasis on the municipality's most critical development and internal transforma tion needs; (b) an assessment of the existing level of development in the municipality, which must include an identification of communities which do not have access to basic municipal services; (f) the council's operational strategies; (g) applicable disaster management plans; (h) a financ ia l plan, which must include a budget projection for at least the next three years”. Cyber-security initiatives within the municipality are part of Council’s operational strategies. Financia l support should be incorporated into the financial plan as prescribed by the Structures Act applied together with the MFMA.

2.10.5. Definition of a metropolitan municipality in South Africa

The Structures Act (RSA, 1998) defines Category A Municipality (Metropolita n Municipality) as

“(a) a conurbation featuring—

(i) areas of high population density

(ii) an intense movement of people, goods, and services:

(iii) extensive development: and

(iv] multiple business districts and industrial areas; ~o

(b) a centre of economic activity with a complex and diverse economy:

(c) a single area for which integrated development planning is desirable: and (d) having strong interdependent social and economic linkages between its

constituent units”.