Best practices for meeting current and emerging compliance regulations to protect your organisation

With the recent exponential growth in digital technology, there has been a stronger call from governments across to the world for the protection of personal data. This includes key legislation such as the POPI Act and the GDPR.

The legislation around data protection is extensive with the onus lying on the data holder to ensure protection of this information. The implications of a data breach can have extensive consequences for the data holder ranging from monetary fines to even jail time for key individuals in a business. This is why data protection needs to be a key consideration in your business and IT system strategy.

RSM offers a holistic approach to data protection that will ensure that your organisation is covered from every angle. Our risk advisory, technology and legal teams work together to provide you with a solution that not only complies with legislation, but also minimises your risk and makes the most business sense.

Our risk-based approach is broken into 4 phases:


This critical first phase allows us to define the scope and expected outputs and establish a process plan.


Here we will review documentation, policies and procedures and look to the functional of your systems to meet legislative requirements.


Analysis and evaluation of processes and policies in place to identify weaknesses or missing policies and measures in order to comply.  We will assist in implementing rectified processes, procedures and policies.


A concise report will be compiled, with a focus on key findings in a gap analysis. Recommendations will also be reflected in a roadmap to compliance.

RSM can provide you with the following fit for purpose policies, procedures and IT environment changes to support your compliance requirements:

  • PAIA Manual as amended by POPI
  • Comprehensive Data Protection Policy (Internal & External)
  • Model clauses for contracts (Employment, Consent & Operator clauses)
  • Personal Information Sharing Policy (including access requests, and trans border transfers)
  • Website Privacy Policy (Including Cookies Policy)
  • Security Compromises Policy
  • Data Retention Policy
  • BYOD Policy
  • CCTV and Photographic Images Policy
  • Information Officer Appointment Letter
  • Password Policy

Contact us

Complete this form and an RSM representative will be in touch.