Why choose the IT Governance Network?

Global leaders in the design and implementation of IT governance frameworks and mechanisms.

Experienced, skilled and practical assistance in building capability and improving performance.

Quick and effective value delivery and the governance of risk management.

POPI Implementation Tool

iso 27001Fulfilling the requirements of the POPI Act might appear to be daunting. Where should one start and what are the priority issues? A POPI management system can help direct and coordinate the activities required in a POPI programmme and continuously improve the level of compliance and readiness to respond to instances of non-compliance with the POPI Act.

Find out more about our functionally rich POPI Management System that support small and large organisation's POPI implementations.

Jump start your POPI programme by starting with a POPI management system!   

More about POPI Management Systems ...

Information Officer’s Role in System Design

The information officer has two important roles regarding system design. The first is to give advice and guide responsible parties about compliance with the conditions for the lawful processing of personal information. The second is to confirm compliance with the conditions for the lawful processing of personal information.

To be effective, information officers need to be involved from the very beginning of any system design and will require access to information about the business requirements, system design, system management, service delivery, information security and the related privacy concerns.

Information officers will need an appropriate level of detailed knowledge and understanding of the data processing as well as access to the facilities, system components and information about the design and operation.

System development

For each individual module (or project milestone) in a development programme, the information officer should confirm with the project team that the agreed-upon implementation of the module complies with the conditions for the lawful processing of personal information.

Typical tasks that involve the information officer are:

  • Documenting personal data-relevant business processes
  • Defining the master data
  • Determining the reporting system
  • Examining the information flow of personal data, application interfaces and data flows to other systems
  • Establishing personal information processing criteria
  • Evaluating the user authorisation concept
  • Evaluating test plans
  • Defining migration and legacy data transfer.

Reliability of Information Officers

Information officers have a long term responsibility to the responsible parties, data subjects and the regulator for ensuring that the design of systems results in the lawful processing of personal information. The advice information officers give to system designers needs to be reliable so that the choices they have are correctly evaluated and appropriate decisions are made regarding the processing of personal information.

Often system designers and service providers focus only on getting systems to work well at solving a particular problem or delivering a specific service. They forget that an important property of processing personal information is to do so lawfully and therefore protect individual rights, enable intervention and inspection the data processing system, have it changed, and if necessary, shut off the system completely.

COBIT 5 Assessor mistakes!

Common mistakes by COBIT 5 assessors.

View video

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.

Read more...

COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.

Read more...

POPIA Assessment as a Service

it governance oversightThe POPIA Assessment-as-a-Service is an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.

Read more...

Go to top