Please specify your role in the organisation
How many people does your company employ?
How many people report to you?
In which industry does your company operate?
1. Which department in your organisation is taking overall responsibility for complying with the POPI Act?
2. Do you understand what POPI means for your organisation?
3. What level of priority is placed upon POPI for your organisation?
4. Is your organisation going to be ready to meet the POPI Act requirements?
5. Does your organisation have the following in place when it comes to its POPI preparations?
6. Regarding any measures that will not be implemented before the POPI deadline, what are the main reasons for not implementing them?
7. To what extent s your organisation aware that it could have to pay fines if it fails to comply with the POPI Act?
8. If your organisation were to be fined due to non-compliance with the POPI Act, what do you think the implications could be?
9. The POPI Act specifically states that organisations must 'implement appropriate technical and organisational measures' to ensure the ‘pseudonymisation and encryption of personal data’. Which of the following most accurately describes your organisation’s status with regard to encryption?
10. What type of encryption does your organisation have in place?
11. Does your organisation have effective measures in place to protect against the following methods of data loss?
12. Does your organisation have an internal data security policy in place?
13. Does your organisation have a formal education plan for employees around what the data security policy is and what is expected of them when handling personal data?
14. Which of the below does your organisation use as part of its data protection policy?