The Information Officer of an organisation is an important person. By default, every single organisation in South Africa has one. The law (more particularly the Promotion of Access to Information Act or PAIA) automatically designates a person in each organisation as the Information Officer. Not the Chief Information Officer or CIO, but an Information Officer. At a point it was referred to as the Information Protection Officer, but the correct term is Information Officer. Some people also refer to the Privacy Officer, but in our view this is the incorrect terminology. The role of a Privacy Officer is something else and may encompass the Information Officer. But the two should not be confused.

Do I have an Information Officer?

Every organisation has one. All public bodies, like a national department, provincial administration, or municipality. And all private bodies, like companies, CCs, partnerships, and trusts. Unlike the PAIA Manual, nobody is exempt. Every body has one whether you like it or not?

What are their responsibilities?

The Information Officer is an important person, because they are responsible for ensuring that the organisation complies with PAIA. They are also the person who is responsible for ensuring that the organisation complies with POPI. They are a key person in any PAIA or POPI project. They must also be registered with the Information Regulator.

So, who should the Information Officer be?

Many organisations are busy trying to work out who the person should be. Is it the CIO, the IT Manager, the information security officer, the legal adviser, the compliance officer? What should the structure be and how many people do you need? Do you need one Information Officer and two deputies, or just two deputies? Should one deal with PAIA and the other with POPI? Who is accountable and who is responsible? Should the responsibility be designated to someone else?

How we can help?

We can help you to appoint your Information Officer properly by:

  • answering your questions by advising you,
  • briefing the head of your organisation (or body) on the role of the Information Officer,
  • providing you with a Job Specification or Description for the Information Officer so that you can appoint someone within your organisation or recruit a new employee, and
  • giving you a letter of appointment to make sure the person selected knows what their responsibilities are.
  • raising your awareness of POPI and its potential impact on your organisation at one of our workshops


If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.