How to perform assessments of compliance with the POPI Act

AUDITING THE LAWFUL PROCESSING OF PERSONAL INFORMATION

The Protection of Personal Information Act requires compliance with eight conditions for the lawful processing of personal information, including the continuous improvement of the safeguards that give effect to these conditions. Regular auditing of compliance with these eight conditions is an important compensating control that the Information Regulator with consider when investigating reports of non-compliance.

Overview

This 2 day course provides delegates with an understanding of how to lead, plan, execute and report an organisation’s compliance with the eight conditions for the lawful processing of personal information. Delegates will learn about the audit objectives and scope, the audit process, tests to be performed when assessing the current status, the privacy practices and the controls.

Internal audits of the processing of personal information are an important compensating control that the Information Regulator will expect when investigating an interference with an individual’s right to privacy.

This seminar will help participants understand the business risks and audit process that is required to evaluate the processing of personal information and to provide assurance to the responsible parties, information officer and regulator.

Seminar Objectives

Participants will gain an understanding of the requirements of the POPI Act and the audit process to be followed to give assurance.

On completion of this seminar participants will be able to:

Seminar Outline

Participants will learn through discussion and practical examples how to undertake an audit of the POPI programme, the processing of personal information and the privacy practices and controls necessary for the Protection of Personal information Act.

This seminar includes topics about: