Popia Advisory_

Understand your current compliance to PoPIA and where to improve_

Product Overview

The purpose of PoPIA (Protection of Personal Information Act) is to enforce everyone’s constitutional right to privacy and the safeguarding of their personal information against theft, fraud, and other abuses. All businesses collect and process personal information about employees and clients. PoPIA introduces new data protection obligations for businesses while providing increased data protection for data subjects. PoPIA stipulates conditions for the lawful processing of personal information while ensuring its security and protection against theft, fraud and other abuses of rights to privacy.


PoPIA is compulsory for all and sets out conditions around how personal information should be lawfully processed and stored by third parties to ensure its security and protection. All businesses have personal information about their employees, suppliers, and clients. In fact, policies like FICA (Financial Intelligence Centre Act) actually demand personal and financial client data be gathered and stored.


But what happens if data is misused, stolen or lost? Data breaches can come from a variety of sources and not every data breach is caused by sophisticated hacking attempts. Many can stem from human error or mundane oversights, which doesn’t make them any less damaging.


Businesses need to be familiar with PoPIA requirements and have an active plan towards PoPIA compliancy or face the risk of substantial fines, imprisonment, or both. For these reasons, it’s important to understand whether you have the right processes and controls in place to protect your company and its data.


PoPIA has changed the way we do business. Armata’s PoPIA Advisory Services assist businesses in a consultative approach to identify the key challenges and determine the necessary steps to take as part of the journey towards PoPIA compliance. Armata does not, however, certify PoPIA compliance.

Armata offers a PoPIA Advisory Service with the following components:

  1. Conduct an Information Audit to determine:
    – The categories of personal information your organisation processes
    – Why is it processed (what’s the purpose?)
    – Where and how you store the personal information
    – Who you share personal information with
  2. Appoint or work with an Information Officer
  3. Conduct an Organisational Impact assessment
  4. Create an awareness guideline for the organisation and staff
  5. Run a Posture Assessment
  6. Run security assessments to see how easily Data can be compromised by third parties or internally
  7. Recommend improvements
  8. Offer on-going monitoring and reporting of your Data compliance

Why buy

Learn how PoPIA impacts your organisation.
Consult with your legal and IT experts to determine the best approach to resolving these issues.
Ensure the adequate measures needed to comply with PoPIA’s eight conditions for lawful processing of personal information are in place.
Minimise the risk of an information breach, penalties and/or civil action for damages.
 Identify any glaringly obvious compliance gaps.
Being accountable for personal information fosters trust with all business stakeholders.

How it works

PoPIA Advisory

Features & Benefits

Create a baseline of current PoPIA status:

This helps to establish current risk towards PoPIA non-compliance.

Implement policies and solutions on data control:

By implementing policies and solutions on data control there is less risk of data breaches and thus less risk of PoPIA non-compliance.

Recommendations on what to improve:

Get a road map of recommendations to assist on the journey to PoPIA compliance improvement.

Ongoing PoPIA monitoring:

Businesses change all the time – ongoing monitoring ensures that the business stays PoPIA compliant.

Are you ready for Popia?

Get protected