Why choose the IT Governance Network?

Global leaders in the design and implementation of IT governance frameworks and mechanisms.

More than 10 years experience in the protection of personal information (POPIA).

Consulting services, software solutions and wide range of training available.

POPIA Compliance Framework and Monitoring System

POPI Compliance FrameworkThe Protection of Personal Information Act is technical and complex, it requires a wide range of technical and organisational measures to be implemented to protect the rights of natural and juristic persons to privacy.  To ensure compliance, the Information Regulator requires all organisations to develop and implement a compliance framework so that they can effectively monitor the protection afforded natural and juristic persons. 

A functionally rich POPIA Compliance Framework and Monitoring System supports small and large organisations effectively and efficiently achieve POPIA compliance. It enables organisations to jump start their POPIA programme by implementing an international standards-based POPIA compliance framework.   

More about the POPIA Compliace Framework and Monitoring System ...

POPI Training Courses

POPI training

The Protection of Personal Information Act requires all public and private bodies to ensure that how they use personal information is lawful, that there are systems in place for the protection of personal information, and there are processes for handling requests from the Information Regulator and affected individuals (i.e. data subjects). A range of POPI courses are now available, presented by knowledgeable and experienced POPI specialists.  

More about POPI training ...

General Information

International standardsISO 27001 is widely regarded as an acceptable framework for information security management. However many ISO 27001 implementations do not adhere to the specification and therefore fail to provide an acceptable level of information security.

An ISO 27001 information security management system (ISMS) coordinates and manages the effective and efficient deployment of information security resources and processes to ensure ongoing confidentiality, integrity and availability of information and information systems in line with predefined operational and strategic objectives.

The Protection of Personal Information has been signed by the President. It is now the law!

The uncertainty about the obligation public and private bodies have regarding the protection of personal information is over. People have the right to not have their personal information misused and should take action against anyone who willfully misuses their personal information.

Are your HR recruiters requesting unnecessary information from job applicants? Are the job applicant vetting procedures unlawful? Is your "Tip-off Anonymous" reporting service in breach of the Protection of Personal Information Act?  Contact us to find out why these practices are unlawful.

Download the POPI Act

This is a sample ...

Technology and information governance is the King IV term for what is generally known as IT governance. Its about the ability of the enterprise's board to evaluate, direct and monitor the use of an enterprise's technology and information resources in support of the achievement of the organisation's strategic objectives. Leadership, organisational structure and processes are used to leverage information and technology resources to produce the information required and drive the alignment, delivery of value, management of risk, optimised use of resources, sustainability and the management of performance.

COBIT 5 Assessor mistakes!

Common mistakes by COBIT 5 assessors.

View video

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.


COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.


POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.


Go to top