TRIPLE ISO CERTIFIED · SANDTON, SOUTH AFRICA
POPIA, PIA Manual
& FSC Compliance
done properly.
From Privacy Impact Assessments and POPIA manual drafting to FSC regulatory alignment — structured, auditable compliance programmes built for South Africa's regulatory environment.
POPIA ACT 4 OF 2013
FSCA REGUATORY COMPLIANCE
INFORMATION REGULATOR ALIGNED
ISO 27001 CERTIFIED
WHAT WE DELIVER
Six compliance services.
One cohesive programme.
01
POPIA Compliance Programme
End-to-end programme covering all eight conditions — gap analysis, bespoke POPIA Manual, Information Officer appointment and annual review cycle.
02
Privacy Impact Assessment (PIA)
Methodology-driven PIA across all in-scope processing activities — risk scored, documented to Information Regulator standard, with a full remediation roadmap.
03
PAIA Manual & Privacy Notices
Section 51 PAIA manuals, website privacy notices, cookie policies and Data Subject Rights procedures — the transparency instruments the law requires.
04
FSC Compliance Programme
FAIS, TCF, Fit and Proper, and FSCA cybersecurity guidance — structured to satisfy both licence conditions and supervisory expectations in a single integrated framework.
05
Data Breach Response
From detection through to Information Regulator Form 2 notification — a structured breach response capability built to meet POPIA's notification obligations.
06
Ongoing Compliance Retainer
Quarterly health-checks, regulatory update briefings and document refresh — keeping your compliance posture current as regulations evolve and your business changes.
From a Sandton IT consultancy to a nationally recognised, triple ISO-certified infrastructure partner. Each milestone reflects a deliberate expansion of capability — never ahead of our ability to deliver it reliably.
POPIA PENALTY EXPOSURE
Up to R10 million in administrative fines — or 10 years' imprisonment for responsible parties.
Section 107, Protection of Personal Information Act, 2013
FSC EXPOSURE
FSCA can impose administrative sanctions, debarment or licence suspension for FSP non-compliance.
FAIS Act & FSCA Conduct Standard obligations
OUR METHODOLOGY
From engagement to auditable compliance.
1
2
3
4
5
6
Scoping & Discovery
Gap Analysis
PIA Execution
Manual Drafting
Training & Embedding
Monitor & Maintain
Data landscape mapping, regulatory exposure and existing governance review.
Structured assessment against all POPIA conditions and FSC obligations.
Formal Privacy Impact Assessment documented to Information Regulator standard.
Bespoke POPIA Manual, PAIA Manual, privacy notices and FSC governance documents.
Staff awareness, Information Officer coaching and process embedding.
Quarterly reviews and document refresh to keep compliance current and defensible.
GET IN TOUCH
Ready to build a defensible compliance posture?
Speak to a Sourceworx compliance specialist. We'll scope a programme tailored to your sector, regulatory exposure and govenance maturity.
Triple ISO-certified IT infrastructure, cybersecurity and managed services for South Africa's mid-market. Sandton-based, serving organisations nationally since 2007.
Government
Higher Education
Mining & Industry
Special IT Projects
Connectivity
Unified Communications
Data & Analytics
© 2026 Sourceworx (Pty) Ltd • Sandton, Johannesburg
Regulatory Compliance
Designed by Dikwe.Agency
ISO9001 • ISO27001 • ISO20000