Networks Unlimited has recently appointed a new Risk and Compliance Officer, Siphokazi Mato, to ensure the company functions in a legal and ethical manner while meeting its business goals. Compliance is a crucial aspect of any business: it refers to the practices and processes by which a company adheres to established guidelines and legal specifications.
Mato explains: “Compliance is necessary to ensure that Networks Unlimited conducts its business in compliance with all national and international laws and regulations, as well as professional standards relating to the company’s particular business arena. The penalties and imprisonment for non-compliance can have disastrous effects on an organisation, which makes it critically important for doing business.
“Compliance has become significantly important all over the globe, particularly in Europe and some countries in North America that South Africa does business with. It thus became imperative for companies in Africa to follow suit. The Protection of Personal Information Act (POPIA), which came into force on 1 July this year, is going to play a critical role in terms of compliance requirements in South Africa.”
Mato says POPIA is a win for all involved, as it allows a data subject to have ownership of their personal information as well as to monitor its transfer. However, this means organisations will need more stringent measures in place to ensure that all personal information is held with the requisite consent and used only for the purpose for which it was intended.
“Furthermore,” she explains, “the Act requires organisations to educate their employees about POPIA, as well as ensure that the necessary measures are in place to ensure legal compliance. This piece of legislation requires ongoing monitoring of the controls in place.
“In addition to the POPI Act, there are numerous other laws, regulations, standards and practices to which we need to adhere for compliance. When we speak of data privacy laws, the most common ones are the European Union’s General Data Protection Regulation (GDPR), the US Privacy Act, the UK’s Data Protection Act and the Malabo Convention in Africa, to name a few.”
Mato adds that compliance officers are responsible for developing compliance programmes, reviewing company policies and advising management on possible risks, and thereafter for ensuring the organisation adheres to policies and procedures, especially regulatory and ethical standards. They perform regular audits, design control systems and help to design and implement company policies.
Having graduated with a Bachelor of Arts (BA Law) and Bachelor of Law (LLB) Degree, she notes that there are many legal requirements in the compliance arena that constantly need to be considered, and that a legal background helps the incumbent to better manage the demands of the role.
“Preparing a compliance risk assessment requires an in-depth study of the relevant legislation, regulations, directives and policies in order to effectively apply these to the organisation, as well as assess whether the relevant controls we have in place are adequate to address the risk involved,” she explains.
“Furthermore, having an attorney in the role means that you have a compliance officer who can provide legal opinions on how the relevant legislation will affect the organisation.”
“We are very pleased to welcome Siphokazi to the management team,” adds CEO Anton Jacobsz. “Her two primary levels of responsibility include, firstly, compliance with the external rules that are imposed on our organisation as a whole, and secondly, compliance with internal systems of control that are imposed to achieve compliance with the externally imposed rules.
“Her appointment is a further reflection of the ongoing evolution of our business, and we know that having a compliance officer as part of our organisation will improve and mature Networks Unlimited’s business practices further.”