It is essential for organizations to prepare for the Protection Of Personal Information Act’s (POPIA) and General Data Protection Regulation’s (GDPR) effectiveness sooner rather than later. At PPM Attorneys, we can help your organisation with all aspects of its data protection compliance project:
Training and Awareness
We can provide your organisation with:
- Basic awareness workshops for employees and management; and
- Advanced training for information officers or personnel who have a specific focus.
The purpose of a gap analysis is to give a clear picture on where your organisation currently stands with respect to data protection compliance.
We assist organisations to identify the “gaps” and to allow them to first remedy those gaps. The objective of remedying those gaps is to start a process which ultimately results in them complying with one or other of internationally recognised privacy standards such as either ISO27001 or GAPP.
At the end of the gap analysis, we will deliver our gap analysis report, including our findings and recommendations and an implementation roadmap.
PPM can also assist you in the implementation phase.
PPM Attorneys can draft, review or supplement your existing set of policies and procedures dealing with data protection, such as a POPIA manual, contract management policy, cross-border data flow policy, etc.
Compliance audit and monitoring
Once the compliance implementation program has been completed, we can proceed with a one-off compliance audit, or implement a recurring compliance audit program for your organisation or of specific divisions.
The audit process consists of 3 phases:
- pre-audit phase;
- on-site audit phase; and
- output phase.
Following completion of the pre-audit and on-site audit, we will provide you with a comprehensive report as well as an executive summary. Our audit report will include the exhaustive presentation of our findings, related recommendations and suggested implementation measures.