Privacy Online provides the following training to assist entities in ensuring that the core competency in the processing of business and personal information may be developed and constantly improved.
- Information governance
This training addresses the responsibilities of boards of directors and senior executives within entities with specific reference to their legal obligations to govern, manage and security information, including the obligation to protect personal information.
- Information management
This training addresses executive management's responsibilities to implement appropriate structures, processes and technologies in its processing of business and personal information.
It includes, without limitation:
- Compliance and legal obligations
- Development of appropriate organisational frameworks
- High level information security capability
- Policy development
- Risk management (with the focus of information)
- Training and development
- Incident response management
- Information officer
This training addresses the responsibilities of the information office in complying with the Promotion of Access to Information Act and the Protection of Personal Information Act. It also addresses information security implementation and the monitoring and reporting on information security within an organisation. Without limitation, the following issues will be dealt with this training:
- Duties in terms of the Promotion of Access to Information Act
- Duties in terms of the Protection of Personal Information Act
- Duties in respect of other appropriate information-related obligations in other legislation
- In-depth information security training
- Compliance with on-going and changing privacy developments
- Business managers:
This training addresses the responsibilities of line function managers in their protection of personal information and information security obligations. The training addresses, without limitation:
- Ownership of information (persons responsible for managing the processing of information)
- Duties in categorisation of information
- Determination of access control
- Determination of appropriate security requirements
- The monitoring of compliance with policy and procedures
- End user training:
This training addresses the minimum requirements that all users (from the chief executive officer to its most junior staff members) of an entity’s information and communications technologies and its information need to understand in the processing of information within the organisation. The training will also provide insight into the life skills required by employees in processing information in the 21st Century, which would be useful to them in their everyday lives as well as customised skills developed for particular business requirements.
This training may be facilitated by way of eLearning based training programmes, customised to the needs of the organisation.
- Train-the-Trainer training:
As training is an on-going obligation this training addresses the requirement for continuous on-going training in organisations and the creation of core competencies in training addressing protection of personal information and information security. This may also be incorporated with the development of policies within an organisation and will be designed to assist professional trainers in understanding and developing appropriate content for in-house training facilitation.