There are several laws in South Africa which impose obligations on organisations to treat certain types of information as “sensitive”. In this regard, “sensitivity” includes all references in a law to information which is personal, private, confidential, secret, sensitive or cannot be disclosed. Many of the laws provide for offences and penalties where sensitivity requirements are not complied with.

In this audit we assess the extent to which an organisation has:

  1. Identified which of those laws are applicable to it,
  2. Determined the sensitivity of the information that it possesses, and
  3. Specified access restrictions and other sensitivity related handling criteria in respect such information.

Where necessary, we make recommendations on which laws to comply with and how to do so.

For further information please contact infosecaudit@michalsons.com

If you want to find out more about Information Security click here.

Click here to test your awareness of Technology Laws.