Loading Events

« All Events

  • This event has passed.

Info Sharing Session: Think You’ve Covered Your POPI Risk? Think Again

Date:
26 October, 2017

Speaker:

26 October, 2017

BarnOwl Info Sharing session: 26 October 2017

“SO YOU’VE INSTALLED THE SECURITY SOFTWARE…THINK YOU’VE COVERED YOUR POPI RISK? THINK AGAIN

Presented by Ron Keschner, one of the founders and creators of Tarsus Dispose IT

Thank you very much Ron Keschner for your enlightening presentation at our BarnOwl info sharing event held at the BarnOwl offices in Bryanston on the 26th October 2017. The event was well attended and very well received. Thank you Ron.

Ron showed a video (included in the presentation link below) where 2nd hand photo copiers were purchased and the hard drives removed to find out what data was on them. In one case criminal records, social security numbers, pay slips, bank statements, IDs, tax information etc. were extracted. In another case, detailed personal medical history was recovered for 1000s of patients. Not only is this a serious breach of data privacy laws (no matter what the country / jurisdiction) but this information in the wrong hands is a gold mine for those with criminal intent.

Ron enlightened us about IT Asset Disposal (ITAD) which is no longer about selling end-of-term hardware to the highest bidder. Stringent legislation NOW demands environmental compliance, safety of sensitive information and financial and tax compliance. (King 4 requires ITAD to be included in all audits going forward). The penalties and consequences of losing company data is frightening not just in terms of reputational damage but in terms of fines and criminal sentencing:

NEMWA;2008 & PoPIA;2013

  • 5-10 Year Criminal Sentencing
  • R5m – R10m Enforced Penalty (this is the bare minimum)

PLUS…

  • MASSIVE REPUTATIONAL DAMAGE (PoPIA)

“Offender must make a breach public knowledge by means of mass media”

  • National print media
  • Online media

NB: “NPA’s focus has shifted to the conduct of company directors and the scope for personal criminal liability for environmental degradation caused on their watch”.

Source: Werksmans Attorneys

The Tarsus IT disposal unit (company) specialises in the disposal / resale of ‘end-of-term’ hardware and the professional scrubbing of data. In some instances helicopters are used to guard the trucks transporting the hardware from the client site to Tarsus’s secure warehouse where the data is scrubbed. Data is now more valuable than a truck full of money, not just in terms of the criminal repercussions of losing or leaking data but also the reputational damage done to your company and to the privacy of any individual involved. I also found it very interesting that your asset register should include the weight of the hardware since there are stringent environmental regulations around asset disposal / eWaste.

So, when your IT manager tells you not to worry because:

  • “I have Deleted the files”
  • “I can just format the hard drive”
  • “I will just reload your Operating System”

Don’t be fooled….. all the information can still be retrieved by someone who knows what they are doing!

When it comes to asset disposal you require specialist services to ensure POPI compliant data destruction and disposal of redundant assets:

  • Data Destruction
  • Data Sanitization
  • HDD Destruction
  • eWaste collection

One way to minimise the risk of falling short of POPI is to engage with a COMPLIANT ITAD service provider, who will ensure an auditable and compliant disposal of IT and electronic goods process. The service provider should also help recover value for the goods, manage complex logistics and provide all the necessary compliance with regulations.

Once again thank you Ron for your time and for sharing with us your extensive and practical experience.

You can download Ron’s presentation here and view a video recording of the info sharing session here.

Written by: Jonathan Crisp

Director – BarnOwl GRC and Audit software

About Ron Keschner:

Ron Keschner is one of the founders and creators of Tarsus Dispose IT, the business concept created solely around the requirements of corporate Risk Management.

After almost 20 years in the South African IT hardware channel, first as a product GM at Tarsus Technologies and then as founder and Managing Director of Channel Capital, the IT hardware funder, he realised in early 2016 that with the onset of POPIA and the global explosion around data security, this would soon become the key focus of CIO’s as well as Risk Managers across the length and breadth of the South African corporate arena.

Together with GO Rentals, South Africa’s Premier IT rental and hardware-as-a-service supplier, Tarsus then created Tarsus Dispose-IT to address all issues around the implementation of an effective and compliant ITAD (IT Asset Disposal) policy and give corporate business peace of mind with the upcoming promulgation into law of the POPI Act.

As presenter of Business Mix’s The Shake Rattle and Ron Show, Ron is sure to make a compelling case for exactly where Risk Management really should be focusing its efforts over the next 12 to 24 months.

About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 200 organisations in Africa, Australasia, Europe and the UK. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.

20171026_085617-e1509702605771
20171026_093432_0003_Layer-0 (1)
20171026_093432_0001_20171026_084845 (1)
20171026_093432_0000_20171026_083913-e1509702621982_0001_Layer-020171026_093432_0000_20171026_083913-e1509702621982_0000_20171026_093432_0002_20171026_083952-e1509702576523

Subscribe to BarnOwl's Information Portal

Subscribe to BarnOwl’s information portal today and receive our monthly newsletter with the latest GRC and audit insights, industry updates, priority access to exclusive events, tip of the month and more straight to your inbox!

BARNOWL PARTNERS

GRCReady is the official provider of risk management content for the BarnOwl GRC software solution. GRCReady provides extensive risk libraries and risk maturity checklists/surveys which are integrated with BarnOwl.

GRCReady, based in Australia, offers a comprehensive and holistic library of products and associated services including templates, policies, procedures, guidelines, checklists etc.t to help owners and directors of SMEs, startups and corporates to satisfy their corporate governance, risk management and regulatory compliance needs.

By integrating GRCReady's rich content libraries into BarnOwl's GRC software, we are able to offer our clients a state of the art, turnkey GRC solution.

GRCReady provides, arguably, the most comprehensive risk and governance maturity assessment framework with detailed steps and artefacts. BarnOwl's survey and action plan portal provides a simple and effective way to monitor and report on your current state of risk maturity and suggest and drive remedial action plans to take you to your desired state of risk and governance and maturity.

By integrating GRCReady's risk libraries with the BarnOwl GRC software, means that you don't have to start from scratch. In addition, ongoing updates and insights keep you informed and up-to-date on best practices.

www.grcready.com

BARNOWL PARTNERS

Season Rhyrhm is BarnOwl's preferred partner in Botswana assisting with BarnOwl implementations, support services and client relationship management.

Season Rhythm is an established and distinguished player in the ICT sector in Botswana, specialising in a range of cutting-edge solutions. Season Rhythm leverages BarnOwl to provide tailored GRC&A services to businesses in Botswana facilitating:

  • Governance: Enabling organisations to establish and uphold effective governance structures, ensuring transparency and accountability in decision making processes.
  • Risk Management: Equipping businesses with tools to identify, assess and mitigate risks, safeguarding against potential threats and ensuring continuity in a business environment.
  • Compliance: Ensuring adherence to regulatory frameworks and industry standards, protecting businesses from non-compliance penalties and fostering trust among stakeholders.
  • Audit: Streamling the audit process with comprehensive tools for planning, execution and reporting, driving efficiency and accuracy in internal audit and compliance assessments.
  • www.sr.co.bw/ict

BARNOWL PARTNERS

BarnOwl works closely with NSA in the field of GRC and assurance.

NSA is an education and risk & assurance advisory services provider, consisting of a team of professional consultants and facilitators who have been hand-picked on experience and expertise. NSA services include:

  • Strategic intervention: 30 expert consultants facilitating strategic planning, combined assurance, effective governance and risk management assignments.
  • Continuous professional development: CPD training for internal auditors, external auditors, accountants, risk managers, government officials, and psychologists.
  • Online learning: accredited training for the local government sector, including the Municipal Financial Management Program and Supply Chain Management.
  • Online skills development: skills in demand for 2030, including cybersecurity, Protection of Personal Information, Artificial Intelligence, Robotics and programming.

BarnOwl and NSA work closely with our clients to align and enable best practice GRC and assurance framework & methodologies within BarnOwl. NSA regularly presents online information sharing sessions together with BarOwl.

www.nextstepac.com

BARNOWL PARTNERS

Nico Technologies is BarnOwl's preferred partner in Malawi assisting with BarnOwl implementations, support services and client relationship management.

Nico Technologies Limited is an established IT products and services provider in Malawi, specialising in managed IT services, IT infrastructure services, IT project management, digital solutions, digital transformation and IT advisory.

Nico Technologies uses BarnOwl extensively within their own organisation to automate and manage their own risk and compliance functions.

www.nicotechnologies.com

BARNOWL PARTNERS

Morgan Solus is BarnOwl's preferred business continuity specialist consulting firm with its 'BCM toolkit' software. BarnOwl GRC together with the BCM toolkit, provides a comprehensive risk management and BCM software solution.

Morgan Solus is a specialist consultancy firm focusing on risk, resilience and continuity. Morgan Solus's core services are centred on resilience, crisis management, business continuity (BCM), IT services continuity and disaster recovery (DRP) and training.

The BCM toolkit ensures a consistent approach to implementing BCM and IT disaster recover and cuts down implementation timelines by 60% whilst driving up successful outcomes.

BarnOwl's extensive GRC and assurance functionally coupled with Morgan Solus's BCM toolkit provide the ultimate risk management and BCM software solution.

www.morgansolus.co.za

BARNOWL PARTNERS

Arbutus Analytics is Barnowl's preferred data analytics software. BarnOwl GRC integrated with Arbutus Analytics, provides the ultimate in continuous risk monitoring.

Arbutus Analyzer is a powerful data access and analysis solution specifically developed for auditors, business analysts, and fraud investigators. Its robust performance and user-friendly features offer you the ability to access and analyse data quickly and simply.

BarnOwl GRC, integrated with the real-time metrics from Arbutus provides a strategic early warning system driving preventative and predictive capability facilitating effective business decision making business improvement.

www.arbutussoftware.com with local sub-sahara African distributor www.betasoftware.co.za

BARNOWL PARTNERS

Barnowl works closely with Pax Resilience in the field of GRC and sustainability.

Pax Resilience offers solutions in risk, resilience and cyber security. Pax Resilience strive to create peace of mind by assisting you to build the resilience in your organisation so essential to survive and thrive in the volatile, uncertain, complex and ambiguous world we live in.

Pax Resilience regularly presents online information sharing sessions together with Barnowl.

www.paxresilience.io

BARNOWL PARTNERS

Paige Law is the official provider of compliance content for the Barnowl GRC software solution. Paige Law provides an extensive Library of South African acts including provisions [CRMPs] and checklists which are integrated with Barnowl.

Paige Law specialises in compliance, Commercial Law, Legal process consultancy, managed legal services and POPIA/ GDPR.

CONTACT US

Registered Address

75 Malibongwe Drive
Linden Ext
2194
South Africa

Postal Address

PO BOX 3009
Randburg
2125

Telephone

+27 (0) 11 540 9100

Email

More Information: info@barnowl.co.za
Product Support: support@barnowl.co.za

Let Us Contact You
Let Us Contact You
I grant BarnOwl permission to contact me for marketing purposes*
*You will receive BarnOwl monthly newsletters & invitations to online events. You can unsubscribe at any time.

CONTACT SUPPORT

If you need assistance with your BarnOwl software, there are three channels available to you:

Email

support@barnowl.co.za

You will be emailed a ticket number from our issue tracking system and your request will be managed in
this ticket until it is completed.

SUPPORT HUB LOGIN

You can view all your existing tickets or create new ones.

Telephone

+27 (0) 11 540 9112
to speak to a support consultant

Let Support Contact You
Let Support Contact You