Protection of Personal Information Act - Section 19

"A responsible party must secure the integrity and confidentiality of personal information in its possession or under its control by taking appropriate, reasonable technical and organisational measures to prevent:

  1. loss of, damage to or unauthorised destruction of personal information
  2. unlawful access to or processing of personal information."

"In order to give effect to these requirements, the responsible party must take reasonable measures to:

  1. identify all reasonably foreseeable internal and external risks to personal information in its possession or under its control
  2. establish and maintain appropriate safeguards against the risks identified
  3. regularly verify that the safeguards are effectively implemented
  4. ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards".

"The responsible party must have due regard to generally accepted information security practices and procedures which may apply to it generally or be required in terms of specific industry or professional rules and regulations."

 

Have you checked that your security safeguards are adequate?

King IV Corporate Governance Assessment

Assess the current level of your organisation's corporate governance using this King IV assessment tool.

COBIT Assessment as a Service

Conduct a COBIT assessment using this COBIT Assessment-as-a-Service.

POPIA Preliminary Assessments

POPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.
