The purpose of the IT Risk Management Policy is to provide guidelines regarding the management of risk to support the achievement of the corporate objectives, protect staff and corporate business assets within the requirements of applicable laws and ensure financial sustainability.

IT Risk Management is the application of risk management methodologies to information technology risks. This would encompass all the business information resources, whether managed or hosted internally or externally. Included are executive managers, system owners, data owners and IT custodians responsible for working with the information and the remediation of identified risks in a timely manner


  • Risk Management specific to IT Departments
  • Data Classification
  • Assistance with Policies
  • Legal Framework (incl. POPI-EU GDPR-CPA)
  • Creation of Guidelines
  • User Awareness and Training
  • Management of IT resources
  • Risk by external business partners
  • Management of security incidents
  • Disaster Recovery-Dealing with Emergencies
  • Handling of DATA media
Share This