our Services

The assessment comprises a series of questions designed to gauge your compliance posture. The assessment identifies implemented people, process and technology controls already leveraged to comply with regulatory requirements. Once completed, we can identify compliance gaps and prioritise next steps.


Compliance Assessment

Organisations are required to maintain a record of processing activities (ROPA). As part of this service, we not only consult with representatives across your organisation to document the categories of information processed but also assist you to classify this data based on its sensitivity and risk, enabling appropriate protection of sensitive data.


ROPA & Data Classification

Like people and technology controls, process controls are essential to an organisation’s compliance framework. Key internal policies such as an Information Security Policy and an Incident Response Policy are integral components of any organisation’s compliance programme and the drafting of these policies is a key service we offer.


Policy 

Drafting

Employees’ buy-in and understanding is essential to implementing change within an organisation. Our Data Privacy Training outlines the organisation’s legal obligations in a simple, non-legal way. We also explain some of the recommended people, process and technology controls required and their importance.


Data Privacy 

Training

Organisations must conclude written agreements with third parties processing personal information on their behalf. Other contracts such as employment contracts are necessary to document parties’ obligations when processing personal information. With legal expertise, we offer drafting and reviewing of these agreements.


Contract Drafting & Review