Practical steps to becoming POPI compliant

Practical steps to becoming POPI compliant

Our KPMG Privacy methodology proposes a phased approach to privacy compliance that is both flexible and dynamic to ensure that we continuously provide commercially sensible, value adding insights to our clients’ business environment.

1000

Associate Director

KPMG in South Africa

Contact

Also on KPMG.com

Our KPMG Privacy methodology proposes a phased approach to privacy compliance that is both flexible anddynamic to ensure that we continuously provide commercially sensible, value adding insights to our clients’ business environment.

We are of the opinion that a phased rational approach, where each phase builds on findings from the previous phase, is the only way to perform a successful POPI engagement.

The methodology is divided into three phases:

  • Phase A: Through this phase we will determine your current level of maturity in respect of privacy optimisation, and particularly POPI compliance through the performance of a POPI gap analysis. During this analysis we will assess your organisation’s “AS-IS” maturity against the information protection conditions contained in the POPI Act. The results of this analysis will enable us to pin-point your POPI compliance gaps and areas for improvement. Thereafter, considering the observations obtained during the gap analysis we will develop a prioritised, organisation specific, POPI remediation roadmap which will enable you to achieve compliance with the POPI Act. Whilst organisations differ, we envisage that POPI will impact the following areas of your organisation (where applicable).Phase.
  • Phase B: The purpose of this phase is to use the foundation established during Phase A to build the privacy optimisation vision of the entity. Through this phase the entity will be assisted in the practical implementation of privacy enhancing controls that will enable them to achieve an adequate level of compliance with the POPI Act.
  • Phase C: During this phase we will assist organisations to ensure their continued compliance with the POPI Act by implementing controls to ensure that privacy optimisation controls are operating effectively.

The Protection of Personal Information Act (POPI)

KPMG's POPI team can assist by identifying specific risks for compliance, and at implementing controls to mitigate against those risks.

 
Read more

Connect with us

 

Request for proposal

 

Submit

KPMG’s new-look website

KPMG has launched a state of the art digital platform that enhances your experience and provides improved access to our content and our people, whatever device you are on.

 
Read more