IT Legal Framework

IT Legal Framework2019-03-15T09:16:56+02:00

Are you looking for an IT Legal Framework that will help your organisation monitor, evaluate and assess compliance with the regulatory requirements related to your information technology? Are you wanting to address the legal aspects of IT Governance, Risk and Compliance (GRC) in a practical way to real issues. Our legal framework translates the law into what you must do to comply with it. It helps you to apply the law to your specific organisation in a practical way following a risk-based approach. For each regulatory requirement we set out:

  • A description of the regulatory requirement
  • The risks of non-compliance
  • The law the requirement comes from
  • Our recommendations on what to do to comply

How you benefit?

By using our legal framework you will:

  1. reduce your legal risk profile
  2. demonstrate the application of the IT governance and compliance aspects of the King Code and COBIT
  3. implement current best practice
  4. manage the risks of non-compliance
  5. avoid legal problems, difficulties, and disputes
  6. keep your board informed of relevant laws

Many organisations have used the framework with great success

We have put all our knowledge, experience and insight about IT Law into this one document so that you address the important things. This is a legal framework that assists organisations to do the following with their information, communications and technology (ICT):

Who should use the Legal Framework

  • IT Governance officers and specialists – to govern IT
  • Compliance officers – to effectively comply with IT laws
  • Information (protection) officers – to balance access to information and protection of personal information
  • Legal advisors (corporate lawyers or in-house lawyers) – to provide good legal advice on IT issues
  • Information Security Officers – to secure IT
  • CIOs and IT Managers – to manage IT
  • CAEsauditors and assurance providers (internal and external) – to audit and provide assurance regards IT
  • CROs and Risk Managers – to address IT legal risks

“It is increasingly used as a vital reference tool by our internal audit team” – A financial services provider.

Who does it apply to?

This framework is for all organisations, including public and private bodies, profit and not-for-profit organisations, and organisations in all sectors.

We continually update it

We continually update the IT Legal Framework and have been doing so since 2002. Laws and risks change and therefore the framework needs to be updated often. We are currently busy with the next major update.

What do you get?

The framework current only covers South Africa. If you would like us to extend the framework to cover another country in addition to South Africa, please ask us for a quote.

You will receive a document in an editable format. We always try to reduce the size of the framework by focussing on the most significant risks. In this way, we act as a filter for you and only bring the most important risks and controls to your attention.

Some people use a Compliance Action Plan together with the framework. The framework sets out the generic regulatory requirements that IT law requires every organisation to do. The action plan contains what the specific organisation has done or is going to do to comply with IT Laws. The framework and plan are separate but related documents.


If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.

Learn more about IT Legal Compliance