The Protection of Personal Information Act 4 of 2013 ("POPIA")

R9 950.00

Documents also available individually.

About this product

The POPI Act requires the appointment of a responsible party, who must ensure compliance with the eight conditions of POPIA.  This includes the duties as set out in regulation 4(1) to develop a Personal Information Impact Assessment (PIIA) and a compliance framework to ensure adequate measures and standards exist to comply with the conditions for lawful compliance and implementation. This product assists responsible parties on its road to compliance. 

Why you should buy this product. 

The success of any PIIA, compliance framework and implementation program starts off with an investigation into the way the organisation operates when it comes to processing and documenting personal information. This Toolkit will assist the Information Officer and the compliance team to plan and execute the PIIA and to implement the compliance framework. 


This product is template based and should be customised for your particular business. 

Legislative framework

This module comprises legislation, regulations, guidelines and documents published by the Information Regulator on POPIA and PAIA to assist with the implementation of POPIA.

Personal Information Impact Assessment – PIIA

In terms of regulation 4(1), the responsible party must conduct a Personal Information Impact Assessment or PIIA, also commonly known as the gap analysis. Our uniquely designed documents assist the privacy practitioner with guidance and spreadsheets to perform the PIIA and to report internally on the Gaps identified on a risk and compliance basis.

Compliance Framework

Our compliance frameworks flows from the PIIA and assist the privacy practitioner on the roadmap of compliance to plan and implement the remedial actions to compliance with the 8 conditions of POPIA.

Implementation framework and templates

This module consist of templates, policies and procedures to assist the Responsible party to implement its compliance framework and drive its compliance process to completion. 

This product does not replace proper assessment procedures, but rather assist the business on its PIIA and compliance process. Our team of experts can assist you with the PIIA, compliance framework and implementation. For assistance contact us on or

The following form part of the Toolkit:

  • Publication - The POPI Act explained
  • Simple time management planner template
  • List of relevant legislation to consider legal compliance
  • List of policies (not actual policies) and procedures for implementation
  • Template = PIIA Report template
  • POPIA toolkit - Addendum to employment contract

  • POPIA Toolkit - Annexure to employment contract

  • POPIA Toolkit - Confidentiality & NDA for Employees

  • POPIA Toolkit - Consent as a requirement of POPIA

  • POPIA Toolkit - Consent form - Annexure to employment contract

  • POPIA toolkit - Consent form employees others

  • POPIA Toolkit - Flow diagram for data retention Information

  • POPIA toolkit - General notice to third parties

  • POPIA Toolkit - Incident management process

  • POPIA Toolkit - Incident response plan

  • POPIA toolkit - Internal appointment of IO

  • POPIA toolkit - NDA for employees and directors

  • POPIA Toolkit - Operator clause for service level agreements

  • POPIA Toolkit - PAIA & POPI Manual

  • POPIA Toolkit - PIIA Report

  • POPIA toolkit - Policy control sheet

  • POPIA toolkit - Policy toolkit

  • POPIA Toolkit - Privacy & Data Protection Policy

  • POPIA toolkit - Privacy notice re processing

  • POPIA toolkit - Progress report and tracker

  • POPIA Toolkit - Request For Access - Forms

  • POPIA toolkit - Simple time management plannerPOPIA toolkit - Teleworking policy template

General Personal Information Protection policy (inclusive of)

  • Office related procedures – clean desk and shredding, paper records and filing systems, archiving and storing of records
  • IT and IT Security/Cybersecurity, Internet and remote access, e-mails
  • Social media and personal matters
  • Information quality and management
  • Special personal information and children/Medical
  • Work from home and telecommute on privacy
  • POPIA training and induction training
  • Policy maturity and implementation
  • Clean screen, password protection and desktop
  • De-identification, deletion, and restriction of PI
  • Media statements
  • Access control and access levels
  • Template - POPIA / PAIA manual
  • Template - Operator agreement/clauses
  • Template - Incident response plan/policy
  • Templates for learners and apprenticeships
  • Template - 10 check lists/Infographics for compliance
  • Template - Company assets, laptops, phones (other devices) and bring your own device policy