Performing Information security and POPIA compliance gap analysis
For deliverables 1, 2, and 3, a good approach would be developing checklists based on ISO 27001 and POPIA requirements to perform the gap analysis, and plans on how to apply them and specific timelines. Besides the reports themselves, additional deliverables would be these checklists and plans.
Regarding deliverable 4, sorry, but this deliverable requires technical expertise that is out of our scope of work.
These tools can help you to have a general idea about the gap analysis:
- Free ISO 27001 Gap Analysis Tool https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/
- EU GDPR Readiness Assessment Tool https://advisera.com/eugdpracademy/eu-gdpr-readiness-assessment-tool/
Since gap analysis has similarities with internal audit, you may benefit from this material:
- ISO 27001/ISO 22301 Internal Audit Toolkit https://advisera.com/27001academy/iso-27001-22301-internal-audit-documentation-toolkit/
For further information, see:
- How similar is the South African POPIA to the EU GDPR? https://advisera.com/eugdpracademy/blog/2021/08/23/how-similar-is-the-south-african-popia-to-the-eu-gdpr/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
Jul 21, 2022