POPIA: Notifications regarding IEC security compromise reported to Information Regulator
14 March 2024
Legal and Compliance
South African Accounting Academy
The Regulator will attend to the notifications from the IEC in accordance with the requirements of the Protection of Personal Information Act No. 4 of 2013 (POPIA).
The Regulator has advised the IEC that the notifications sent to the Regulator do not provide sufficient details about the incidents to make them compliant with POPIA requirements.
Accordingly, the Regulator has sent an information notice to the IEC requiring the IEC to furnish the Regulator with more details regarding the incidents. The requested information will assist the Regulator in determining whether the IEC has met its obligations as a responsible party under POPIA.
Relevance to Auditors, Independent Reviewers & Accountants:
POPIA is an important piece of legislation that your clients must comply with, and which you must assess compliance with. If they don’t comply with the relevant laws and regulations, you have certain reporting obligations in terms of NOCLAR (NOn-Compliance with Laws And Regulations) – this could include reporting to management, qualifying your audit opinion, reporting a Reportable Irregularity, etc.
As an auditor, independent reviewer and accountant, you also need to be aware of media statements, enforcement notices, etc. that have been issued by/about the Information Regulator and its Enforcement Committee.
Relevance to Your clients:
An entity (company or close corporation) should to be aware of media statements, enforcement notices, etc. that have been issued by/about the Information Regulator and its Enforcement Committee.
0 COMMENTS
There are not comments for this article at the moment, check back later.
LEAVE A COMMENT
You must be logged in to add a comment, log in now.