POPIA: Notifications regarding IEC security compromise reported to Information Regulator

POPIA: Notifications regarding IEC security compromise reported to Information Regulator

• 14 March 2024
• Legal and Regulatory
• South African Accounting Academy

The Regulator will attend to the notifications from the IEC in accordance with the requirements of the Protection of Personal Information Act No. 4 of 2013 (POPIA).

The Regulator has advised the IEC that the notifications sent to the Regulator do not provide sufficient details about the incidents to make them compliant with POPIA requirements.

Accordingly, the Regulator has sent an information notice to the IEC requiring the IEC to furnish the Regulator with more details regarding the incidents. The requested information will assist the Regulator in determining whether the IEC has met its obligations as a responsible party under POPIA.

Click here to download the Media Statement:

https://inforegulator.org.za/wp-content/uploads/2020/07/Media-Statement-on-the-IEC-Security-Compromise.pdf

Relevance to Auditors, Independent Reviewers & Accountants:

• POPIA is an important piece of legislation that your clients must comply with, and which you must assess compliance with.  If they don’t comply with the relevant laws and regulations, you have certain reporting obligations in terms of NOCLAR (NOn-Compliance with Laws And Regulations) – this could include reporting to management, qualifying your audit opinion, reporting a Reportable Irregularity, etc.
• As an auditor, independent reviewer and accountant, you also need to be aware of media statements, enforcement notices, etc. that have been issued by/about the Information Regulator and its Enforcement Committee.

Relevance to Your clients:

• An entity (company or close corporation) should to be aware of media statements, enforcement notices, etc. that have been issued by/about the Information Regulator and its Enforcement Committee.

0 COMMENTS

LEAVE A COMMENT