Description
Do you have a plan to manage your privacy and/or information security?
You don’t have to navigate the complexity of privacy and security requirements all by yourself.
privacy | security | compliance risk monitoring | awareness training | audit readiness | technical training
What do you get?
- The baseline cost gives you and your PrivSec team access to our KnowWhatSkills platform for 12 months.
- We adapt our generic programme to your needs and assign role players (or a project owner if you only have one assignee).
- we have a generic programme for POPI compliance and ISO27001 ISMS management
- you may need only security or only privacy
- you may have other legislations or frameworks that you have implemented
- you may want to include other quality management programmes that overlap
- Each of your team members gets
- tasks specific to their role
- structured mentoring engagements that use blended learning techniques to level up competency and know-how
- a fixed number of hours' access to our consultants per month to get on-the-job training, which they can schedule via the platform
- our consultants provide generic and bespoke resources for you to use so they save time implementing best practices
- personalised guidance on which formal certificate training is best suited to skills development needs and business risk
- progress reports and milestone tracking
- If you are facing specific issues or would like help to manage a security incident, additional services are available at nominal additional cost, subject to quotation.
How does the pricing work?
- The programme is managed via our KnowWhatSkills platform, so it is cost effective and scalable
- We will provide you with a quotation based on your team size and requirements
- You pay an upfront deposit, then we bill you monthly
The aim is to make skills development affordable and practical. Find out how we can assist.
Why?
- The POPI Act and supporting Regulation require the following:
- your staff need to be kept aware of POPIA and the changes that the Regulator has implemented (and there are a growing number of changes these days!)
- that you manage and improve your cybersecurity on a regular basis
- Your clients and investors increasingly expect your cybersecurity framework to be benchmarked against international best practices.
- Our PrivSec Programme is based on the ISO27001 ISMS approach and leverages any frameworks relevant to your business, such as SOC2, OWASP, PCI-DSS, etc.
- The framework can be shaped to help you prepare for external audits or client due diligence reviews
- Vulnerability Assessments can be requested at additional cost to more accurately identify your cybersecurity risks.
- The cost of training technical team members is prohibitive and is often not aligned to business needs
- KnowWhatSkills maps competencies gained against personalised skill development plans for each member enrolled on the platform.
- Certification courses are recommended based on actual business needs and are offered at a discounted rate through our affiliate training partners
- Skills development is benchmarked against international skills frameworks such as SFIA so that you can see measurable progress.
When you might need this for Privacy or Security
- You need to complete a privacy and data protection due diligence to get new business
- you think you might need to apply for Authorisation from the Information Regulator;
- you need help with getting something done in OneTrust or other privacy platform;
- something in your business is changing and it will impact on your privacy or security;
- you are assessing a new supplier or system or cloud service and would like a professional view of their security or privacy stance;
- you need to do a Privacy Impact Assessment (or Personal Information Impact Assessment) but are not sure how;
- you have identified a privacy or security risk and you need to know how to tackle it
- you would like to mature in some aspect of privacy or security;
- you have a specific issue or incident that needs attention;
- you need additional training or help with your privacy or security programme
- …or anything similar, just ask
Events that might impact on your Roadmap
- you experienced a security incident or data breach
- you have received a notice from a Regulator regarding your privacy compliance or gaps in your information security
- you want to conduct an internal audit of your ISMS, privacy programme, security certification, etc.
- you think you might like to go for an ISO certification or you have an external audit coming up to renew your certification
- something in your business is changing and you need to review how you manage your information
- mergers
- outsourcing
- digitalisation
- rapid growth in new business and/or new staff
- adoption of new tech and innovation;
- you would like to digitalise a paper process;
- you have implemented a new system but you’re unsure how it impacts on your privacy policies;
- you want to implement a new system but you’re unsure how secure it is or where it should be hosted;
- you want to streamline and improve your SOPs for:
- IT support
- software development
- website development
- incident management & handling data breaches
- internal communications about systems and IT;