Global leaders in the design and implementation of IT governance frameworks and mechanisms.
More than 10 years' experience in the protection of personal information (POPIA).
Consulting services, software solutions and a wide range of training available.
The Regulations relating to the protection of personal information require information officers to ensure that internal measures are developed together with adequate systems to process requests for information or access thereto.
How mature is your IT organisation? Are your service providers any better? An ISACA certified COBIT 5 assessor can provide you with an accurate assessment of your organisation's capability and guide your organisation in building the desired capability following a formal, highly regarded, internationally recognised approach.
Many assessments of capability have no formal basis and therefore provide varying results. An ISACA certified COBIT 5 assessor will ensure that the results are credible.
Before you outsource your services, check the service provider's capability, and if it is not acceptable, make it a condition of the ongoing relationship that the service provider achieves a suitable capability level for your organisation.
The General Data Protection Regulation (GDPR) is the European Union's data protection legislation. It applies to organisations located within the EU and organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company's location. In most respects it is similar to the Protection of Personal Information Act (POPIA); however, it does not apply to juristic persons. In South Africa, juristic persons are afforded data protection similar to that for natural persons.
The Protection of Personal Information Act requires all organisations to review their current practices relating to the processing and use of personal information to ensure the privacy related risks are being properly managed. A POPI impact assessment is a structured approach to gathering and analysing the impact.
The Information Regulator has issued Regulations relating to the protection of personal information. These Regulations clarify some of the requirements of the Protection of Personal Information Act and add further obligations related to the processing of personal information.
Asking for a checklist to become POPI compliant is about the same as asking for the recipe to become rich. There will always be someone willing to sell you a "get rich quick checklist"; however, rarely do they actually make you rich!
The same is true for the POPI Act!
Organisations are finding it necessary to contend with increasingly dynamic and demanding external and internal environments by making good corporate governance accessible and fit for application through the adoption of governance practices suitable to the organisation and able to sustain value creation.
Service providers will have direct legal obligations in respect of the personal data they have in their possession or under their control. The Protection of Personal Information Act enables all data subjects to request service providers to confirm whether or not they are processing the data subject's personal information and enables data subjects to claim compensation for unlawful processing of their personal data directly from the service provider if there is no other responsible party.
Implement the ICT Governance Policy Framework quickly and effectively using this specifically designed implementation tool that will customise your ICT Governance implementation to your organisation's specific needs.
Don't miss the DPSA's deadlines: get your ICT organisation up-to-date quickly using this tool. Developed by persons who have been working with the DPSA's ICT Governance Policy Framework, this tool will reduce the effort required to fulfil the requirements.
Processing in the cloud has many benefits, but when is it unlawful?
Assess the current level of your organisation's corporate governance using this King IV assessment tool.
Conduct a COBIT assessment using this COBIT Assessment-as-a-Service.
POPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.