Main Promo Images
A framework to initiate and control the implementation of information security
King IV information and technology governance
Respect for human rights while enabling the free flow of information
King IV corporate governance assessment-as-a-service
Corporate governance of ICT
A framework for the Governance and Management of IT
Global leaders in the design and implementation of IT governance frameworks and mechanisms.
More than 10 years experience in the protection of personal information (POPIA).
Consulting services, software solutions and wide range of training available.
How mature is your IT organisation? Are your service providers any better? An ISACA certified COBIT 5 assessor can provide you with an accurate assessment of your organisation's capability and guide your organisation in building the desired capability following a formal, highly regarded, internationally recognised approach.
Many assessments of capability have no formal basis and therefore provide varying results. An ISACA certified COBIT 5 assessor will ensure that the results are credible.
Before you outsource you services check the service provider's capability, and if not acceptable make it a condition of the ongoing relationship that the service providers achieves a suitable capability level for your organisation.
Processing in the cloud has many benefits, but when is unlawful?
The Protection of Personal Information Act requires all organisations to review their current practices relating to the processing and use of personal information to ensure the privacy related risks are being properly managed. A POPI impact assessment is a structured approach to gathering and analysing the impact.
The information officer has two important roles regarding system design. The first is to give advice and guide responsible parties about compliance with the conditions for the lawful processing of personal information.
Asking for a checklist to become POPI compliant is about the same is asking for the recipe to become rich. There will always be someone willing to sell you a "get rich quick checklist", however rarely do they actually make you rich!
The same is true for the POPI Act!
The Information Regulator is a juristic body responsible for the protection of personal information across South Africa.
Service providers will have direct legal obligations in respect of the personal data they have in their possession or under their control. The Protection of Personal Informaton Act enables all data subjects to request service providers to confirm whether or not they are processing the data subject's personal information and enables data subjects to claim compensation for unlawful processing of their personal data directly from the service provider if there is no other responsible party.
The Protection of Personal Information has been signed by the President. It is now the law!
The uncertainty about the obligation public and private bodies have regarding the protection of personal information is over. People have the right to not have their personal information misused and should take action against anyone who willfully misuses their personal information.
Are your HR recruiters requesting unnecessary information from job applicants? Are the job applicant vetting procedures unlawful? Is your "Tip-off Anonymous" reporting service in breach of the Protection of Personal Information Act? Contact us to find out why these practices are unlawful.