Information governance

The Companies Act provides that a director must exercise powers and perform the functions required of and assigned to directors in good faith, for a proper purpose, in the best interests of the company and with the degree of skill, care and diligence that may be reasonably expected of a person carrying out the functions of a director and having the general, knowledge, skill and experience of that director. It is also statutorily required of a director to take reasonably diligent steps to become informed about how a director must exercise his or her responsibilities.

Information is the lifeblood of every modern business. As such it is incumbent upon directors in fulfilling their function to take responsibility for information and communications technologies used by a company in the course of its business in processing information and for the information itself.

The obligations of the processing information appropriately and providing adequate security safeguards in the processing of personal information are brought into sharp focus by the Protection of Personal Information Act. Directors should be aware of their obligations in terms of the Companies Act, as amplified by the King III report, and all other relevant information-related legislation and regulation governing the company’s business.

Privacy Online assists boards in understanding their obligations, and the directors’ oversight of the management, security and protection of personal information in general, and the specific obligations relating to the processing of information, including personal information, that may be central to a company’s business.

  • 13 September 2017 - 12:37:00
    In Government Gazette No. 41105 published on the 8th September 2017, the Information Regulator invited comment on the draft Regulations ...

  • 11 April 2017 - 10:02:00
    I was recently referred to an article entitled "Responding to Cybercrime at Scale: Operation Avalanche - A Case Study". The article is published by the Centre for Cyber and Homeland Security at the George Washington University and is authored by Robert Wainwright, a director of Europol and Frank J. Cilluffo, director of the Centre for Cyber and Homeland Security.

    For anyone dealing with the Cybercrimes and Cybersecurity Bill, this article provides some insight into the complexity of cybercrime and the profoundly different way in which the combatting of cybercrime needs to be addressed.