With the COVID-19 situation and more companies pushing people to work from home, there has been a dramatic increase in information security threats such as phishing attacks, email scams, etc.

This has caused a steady increase in global compliance requirements for protecting personal information.

POPI in South Africa was fully enacted on 1 July 2020.

GDPR (General Data Protection Requirements) has been in place for a couple of years and is the European Union regulation regarding protection of personal information.

These and other countries' personal information regulations all require the implementation of an ISO 27001 Information Security Management System.

How Can POPI FOR BIZ Help You Implement An ISMS For Your Business?

An ISMS can be a complex entity dealing with many variables. Its complexity will depend largely on the scale and nature of the owner organization, along with the volume, nature and variety of the information involved.

POPI FOR BIZ can help you make the implementation of the ISO 27001 Information Security Management System as streamlined and unintrusive as possible.

Many different aspects need attention to ensure the full compliance of your business.

Some of these aspects that POPI FOR BIZ can help you with are:

  • Scope – At the head of the ISMS is the statement of scope. This defines the logical and geographical boundaries of the ISMS: in other words, the people, places and information to which the ISMS will apply.
  • Policy – POPI FOR BIZ can help to generate a policy statement, which is the high-level overview of precisely what the ISMS is seeking to achieve. It should define factors such as the criteria to be applied during risk assessment and the types of security breach the ISMS will seek to protect against. It should take into consideration other policies within the organization that may have an impact on the ISMS. It also defines top-level roles and responsibilities, such as who, at management level, has approved the policy, and who is responsible for the maintenance and implementation of the ISMS.
  • Risk assessment – Risk assessment lies at the heart of the ISMS and will almost always form the largest section of its content. POPI FOR BIZ can help you get an accurate assessment that provides a focus for the implementation of security controls and strategies, and ensures that these controls and strategies are correctly prioritized and cost-effective.
  • Risk handling strategies – All identified risks must be addressed in the most effective ways possible. POPI FOR BIZ can help you structure these ways so that they are implemented as effectively as possible to suit your business's needs.

Track Non-conformances

A key requirement of ISO management systems is the logging, tracking, correction and prevention of non-conformances or non-compliance. Use the POPI FOR BIZ NC Management system to log all your non-conformances. Allocate resources to complete corrective actions, complete effective root cause analysis and execute effective preventative action.

Customer Complaint Management

Your business or organisation depends on the speedy resolution of all customer complaints. The POPI FOR BIZ Customer Complaint management system allows you to quickly log a complaint and allocate the appropriate resource to correct it. This is followed by effective root cause analysis and preventative action to ensure no repeat complaints. Comprehensive reports and complaint status are standard in the system.

Business Improvements

How do you drive business improvement? Easy: you log any event, incident, or error that occurs. You allocate these events to the appropriate people to correct, and then apply effective root cause analysis and carefully planned preventative action to ensure no future event and drive improvement. Use detailed analysis to monitor and measure improvements.

Management System Implementation

You have decided to implement, or need more information on, an ISO management system (ISO 9001 Quality, ISO 14001 Environment Management, ISO 27001 Information Security Management, plus more). You need assistance or advice on how to go about these requirements, what is involved, how long it will take, etc. POPI FOR BIZ provides this expert consulting service.