Personal Information Management Services

PoPIA Assessments and Implementations

>> Contact us for a PoPIA readiness assessment

We will help you understand and successfully address the organisational impact of the PoPI Act (no 4 of 2013)

Our scope of Personal Information Management Services aims to identify organisations’ Protection of Personal Information Act (PoPIA) (no 4 of 2013) readiness gaps and build their collective competence in addressing these risks efficiently and effectively. The AVeS Cyber Security team consists of experts who are here to equip customers and clients to prove their ongoing PoPI Compliance to clients, auditors and the Information Regulator. 


Refer to our Payment Card Industry (PCI) Compliance solution for information specific to protecting payment card data against loss and fraud.

What is affected by the Protection of Personal Information Act

  • Organisations’ policies and procedures regarding the collection, processing and storage of personal information
  • Contractual agreements with suppliers
  • Bring-Your-Own-Device (BYOD) usage
  • Data or device encryption capabilities
  • Incident response communication plans around informing customers/clients/suppliers (data subject) of data breach
  • Organisation’s marketing tactics and permission to use specific data

Data classification groups according to PoPIA

  • Non-Personal Data

  • Personal Data

  • Special Personal Data

Our PoPIA Compliance Framework

Owner consent and legal responsibility

PoPIA Compliance Status

Book a PoPIA readiness assessment