IT Policy Development

Website Audit

Legal Opinion

Awareness & Training

Legal Documentation

Information Security & Data Protection


We assist companies in becoming compliant with national and international data protection laws such as POPI, GDPR and the US Privacy Shield.

We follow a meticulous process of first determining which, if any, data protection legislation, regulations or statutes are applicable to your organisation. We reach our conclusion by drafting an inventory of your corporate information assets. once this inventory concludes that your organisation is indeed subject to a specific or several legislation, regulations or statutes, we then proceed to perform a legal assessment and gap analysis for you. During this process, we will identify the threat agent, threat motivation, vulnerabilities to be exploited, likelihood of an attack, as well as the potential impact a successful attack may have on your organisation. 

Compliance with latest IT-related IT Laws, Regulations, Standards & Codes such as:


The Compliance & Toolkits Process involves:

  1. Performing an Initial Risk Assessment for Company
  2. Classification of information – Information Mapping
  3. POPI_Security_Risk Assessment_Physical_Security Measure
  4. Security_Risk Assessment_Technological_Security Measures
  5. Security_Risk Assessment_Procedural  Security Measure
  6. Mapping current and potential threats to the company’s information assets
  7. Determining threat motivation
  8. Identifying vulnerabilities that may be exploited in the company specifically relating to corporate information assets
  9. Likelihood Determination
  10. Impact Assessment
  11. Risk Mitigation


Back to top

We will assist you in reviewing, drafting and implementing all IT-related policies relevant to your company. All policies are written in plain, simple to understand language with as little as possible legal jargon used. 

We specialise in: 


Although all the policies are written in plain language it does take into account who the target audience is for whom the policy is written. All policies are written in the format of a similar template which makes it much easier for employees to initially understand and get to grips with it. All the policies furthermore contain the following unique elements:

  1. It identifies a Campaign for the policy, therefore a person who will act as the focal for any inquiries regarding a specific policy.
  2. The policies spell out in no uncertain terms what employees are allowed to do and what actions are prohibited.
  3. The policy sets out the respective responsibilities for all relevant role players.

The action Human Rights are entitled to take in case a specific policy is not adhered to is set out clarity in each respective policy


Back to top

Review, redaft and amend (where necessary): 


Back to top

We provide legal opinions relating to IT legislation, policy and legislative developments in any of the following focus areas:


Back to top

In-person training

Our staff members are all industry-wide professional speakers having spoken at hundreds of international and national conferences, seminars, lectures and workshops. Our speakers are used to presenting in front of small groups of people as well as many as 900 delegates with ease.

We have found that the most popular requests for speaking engagements are in the following areas:



Back to top

Drafting and Reviewing IT-related legal documents such as:


Back to top

Organisations face the constant threat of cyber-attack. Creating an effective cyber risk strategy to mitigate the risk of cybercrime is the only way to ensure your survival, but cyber security management can be complex and costly. With so many standards, best practices and technical controls to choose from, how do you get started on your plan?
We assist organisations in:


Privacy Policy

Terms & Conditions

Designed by