Xperien risk assessment tool helps corporates determine readiness.
In the run-up to the event, Xperien has launched a risk assessment tool that will help corporates determine IT Asset Disposal (ITAD) readiness. The company is offering a complimentary data protection risk assessment tool that will help uncover any potential risks in current processes for storing and disposing of confidential data.
Bridgette Vermaak, head of IT asset disposal at Xperien is one of the PoPI experts that will be presenting at the ITWeb PoPI Update II 2017 event that will be held at Summer Place, Hyde Park on 21 November 2017.
The POPI Act has been signed by the President and is now law, it sets conditions for how to lawfully process personal information. The Information Regulator has published the regulations for comment and companies will only have one year from the commencement date to comply or face significant consequences.
The Act enforces companies to introduce strict measures and guidelines that will safeguard the processing, usage and handling of sensitive information. It places a strict onus on businesses when it comes to handling personal information about their clients, staff and customers.
The IT Asset Disposal Fitness Check is an analytical tool that will help them determine their level of ITAD compliance and readiness. By participating in the IT Asset Disposal (ITAD) management analysis, five companies will also stand a chance of winning a free ITAD policy formulation.
Vermaak says few organisations have procedures in place to deal with the notification of security breaches. “The analysis will help companies understand the various risks of non-compliance associated with IT Asset Disposal.”
She warns that companies cannot always provide evidence that all personal data that resides on used and decommissioned hard drives, has been disposed of in a compliant manner as required by King IV.
"What method of data destruction is used on your redundant IT assets, is it data sanitation (digital shredding), hard drive degaussing, hard drive destruction (physical shredding) or hammer and drill,” she explains.
“Or if you are using a service provider, do you get fair market value (FMV) for your redundant IT equipment and can they deliver full reporting, including waybills, inventory and certificates for disposed assets. These are some of the questions that need to be answered," she concludes.