Cloud compliance is about complying with the laws and regulations that apply to using the cloud. Most organizations are moving to the cloud because there are good business reasons to do so. The law does not prevent the adoption of [...]
Many people ask us what their organisation must comply with. What is voluntary and what is mandatory. Organisations must comply with all applicable laws. So for example, you must comply with RICA, GDPR, POPIA, the Consumer Protection Act - but [...]
We are often asked which is best compliance approach? Particularly regards IT legal compliance. Also what constitutes legal compliance and non-compliance? The King Report and King Code says that the governing body should provide strategic direction on compliance. Few topics in IT have garnered [...]
What happens when a group of businesses that all sell the same thing, e.g. bread, get together and decide that they will all charge the same price for bread? Well, the consumer is forced to pay this price because there [...]
Interested in PCI DSS compliance? Do you need to comply with the Payment Card Industry (PCI) Data Security Standard (DSS)? A merchant, service provider or bank that processes any cardholder data, needs to know about PCI DSS and what is means [...]
A new year – and new challenges for those of us who work to ensure organisations comply with the law and meet regulatory requirements. What does 2014 hold in store in for us? What are major themes or priorities going [...]
Every organisation should have a compliance strategy for complying with laws that apply to them. (for example the POPI Act or the GDPR). King says that the governing body should provide strategic direction on compliance. It should be unique and specific to your business [...]
Measuring compliance is very important, but difficult to achieve. One of the most difficult issues with compliance is precisely how to measure it as the determination is very subjective. There are different types of compliance. For us, compliance itself is not [...]
Information Security policies support compliance in many ways. Vicarious liability Beyond sensitising employees to the risks posed by technology, information security policies minimise the organisation's exposure to vicarious liability for unauthorised or unlawful acts carried out by employees during the [...]
