We will help you understand and successfully address the organisational impact of the PoPI Act (no 4 of 2013)
Our scope of Personal Information Management Services aims to identify organisations’ Protection of Personal Information Act (PoPIA) (no 4 of 2013) readiness gaps and build their collective competence in addressing these risks efficiently and effectively. The AVeS Cyber Security team consists of experts who are here to equip customers and clients to prove their ongoing PoPI Compliance to clients, auditors and the Information Regulator.
Refer to our Payment Card Industry (PCI) Compliance solution for information specific to protecting payment card data against loss and fraud.
What is affected by the Protection of Personal Information Act
- Organisations’ policies and procedures regarding the collection, processing and storage of personal information
- Contractual agreements with suppliers
- Bring-Your-Own-Device (BYOD) usage
- Data or device encryption capabilities
- Incident response communication plans around informing customers/clients/suppliers (data subject) of data breach
- Organisation’s marketing tactics and permission to use specific data
Data classification groups according to PoPIA
Special Personal Data
Our PoPIA Compliance Framework
Owner consent and legal responsibility
PoPIA Compliance Status
Governance, Risk and Compliance Services
"Obtain integrated governance, risk and compliance reporting capabilities across organisational units and work groups."
>> Find out more about our GRC services
Information Security Management Services
"We will help you fight less fires by aligning your information security management approach to international best-practice standards."
>> Find out more about our ISO services
Information Technology Governance Services
"Prove the business-enabling value of, and increase trust in, your organisation's information systems."
>> Find out more about our IT Governance services
Book a PoPIA readiness assessment