BUSINESS AND IT RISK ADVISORY SERVICES POWERED BY THE ADVANTAGE OF PRESCIENCE

 

ABOUT US

Ironvault focuses on understanding the patterns and underlying mechanisms of governance, risk and compliance management. We are situated in South Africa where we are proud to have created an advanced creative, collaborative and open-minded business risk, information risk research and hands on services network sitting globally.

OUR VISION 

 

To drive the new era of consulting in the fourth industrial revolution, offering the most advanced business and information governance, risk and compliance services by using the power of technology and people to manage data more visually, easier, faster and more secure.

 

OUR MISSION

To shield integrity and information in business and on the internet 

 

POPIA AND GDPR COMPLIANCE ROLL-OUT - Fast & Easy  

GET COMPLIMENTARY PRIVACY COMPLIANCE SOFTWARE -

To get you started  

Compliance services to avoid enforcement penalties & automate consumer privacy requests

* No credit card required & migrate anytime

 

POPIA

On 1 July 2020, South Africa’s Protection of Personal Information Act (POPIA) finally came into force, coming hot on the heels of other new privacy regulations, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Most sections of the act are now officially law. But compliance isn’t mandatory until the remaining part of the legislation, which grants enforcement powers to South Africa’s new regulatory authority the Information Regulator, comes into effect on 1 July 2021. This means that, if your organization is subject to the POPIA, you only have a few months to comply. 

POPIA only applies to companies based in South Africa or those that process personal data within South African borders. So, to check whether you need to comply, you’ll need to find out exactly where you’re processing personal data. This should include the whereabouts of not only your on-premises data centers but also your cloud-based deployments. Your cloud infrastructure will likely be the deciding factor, as both AWS and Microsoft Azure now have cloud regions in South Africa. So your company could well be using them in a bid to bring your data closer to African customers.

POPIA VS GDPR 

Despite its slightly earlier origin, the POPIA is still very similar to the GDPR, sharing much the same guiding principles, including accountability, transparency, security, data minimization, purpose limitation and the rights of data subjects. In terms of how it defines personal data, the POPIA is more extensive than the GDPR, as it covers not only the information you collect about individuals but also about companies and other types of organization. This is a significant departure from other data privacy laws. So it’s not yet clear how exactly it’ll work in practice. However, as your first step to compliance, you should reflect the new legal requirements in your contracts with partners, suppliers and vendors.

 

As with the GDPR, the POPIA classifies a separate subcategory of personal data, known as special personal information, which is more sensitive and therefore subject to stricter requirements. This mainly relates to an individual’s:
• religious or philosophical beliefs,
• race or ethnic origin
• trade union membership

• political persuasion
• health
• sex life or sexual orientation
• physical, physiological or behavioral characteristics (biometric data)


In addition, the POPIA applies to the personal data of any individual—regardless of their nationality. So while the GDPR is only designed to protect EU citizens, the POPIA protects anyone whose personal data is processed within South African territory or by a South African undertaking.

 

CONSULTING SERVICES

BUSINESS

ADVISORY SERVICES 

Our business advisors are strategists who will work with your company to help with planning, finances, marketing, and even development. Our business advisors are able to do a bit of everything. Think of them as an extension of yourself as a business owner, capable of lending their expertise where needed and spending time researching the areas where there is the a business need. Our business advisors are accredited and come with years of experience assisting small, medium and large enterprises.

INFORMATION 

TECHNOLOGY ADVISORY SERVICES

We will work with your business to analyze business technology issues within your business. We will work with your company to develop a clear IT strategy that fully supports their business objectives. We are well placed to assist any business with  regulatory and compliance needs. We have a great deal of experience in identifying and controlling financial and operational risks embedded in IT business systems. We help clients optimize their risk management and controls architecture, specific to IT. We offer guidance on appropriate strategies for outsourcing or offshoring IT services, and help to ensure that effective controls are implemented. We work with clients to help identify the most effective ways to take costs out of a business. We examine various aspects of processes and technology, and make business and financial recommendations for helping to optimize efficiency

DIGITAL

RISK ADVISORY SERVICES 

Digital risk is a term encompassing all digital ennoblements that improve risk effectiveness and efficiency—especially process automation, decision automation, digitized monitoring and early warning. Our experts will work with your organisation and use work flow automation, optical-character recognition, advanced analytics (including machine learning and artificial intelligence), and new data sources, as well as the application of robotics to processes and interfaces. Essentially, digital risk implies a concerted adjustment of processes, data, analytics IT and the overall organisational setup, including talent and culture.

DATA

GOVERNANCE

AND COMPLIANCE SERVICES

Data governance isn’t solved in one corner of any business. It should be a collaboration between IT and business, who must consistently and collaboratively improve the trustworthiness and quality of your data to power key business initiatives and ensure regulatory compliance. Our experts will offer your organisation a true enterprise data governance strategy and solutions that can be managed on-premises or in the cloud to meet the needs of both the business and IT.

BREACH

TESTING

SERVICES 

We consider how prepared your organisation is and then look at areas that require improvement. Our specialists will make it possible for you to manage your security breach response on-site and remotely. Our experts will assist with the appropriate level of system defense to monitor threats and detect them along with the introduction of the right rules. We will collect evidence and provide plans linked to communicating and notifying of a any breach while ensuring you comply with regulations that affect your breach management. We will provide training and awareness to ensure that your staff is capable of handling a data breach.

ENTERPRISE

RISK

MANAGEMENT

SERVICES

Enterprise risk management is a design-based business strategy that aims to identify, assess, and plan for any dangers, hazards, and other potentials for disaster—both physical and figurative—that may interfere with a businesses operations and objectives. The need for effective enterprise risk management ( ERM )is more important than ever. Events such as the global financial crisis or the ongoing COVID-19 pandemic highlight the far-reaching impacts of enterprise risk management and the consequences of management failure. We assist organisations navigate the new normal. 

DATA CENTER

INFRASTRUCTURESERVICES

Our wholesale data center offering constitutes turn-key space that is move-in ready power and cooling infrastructure designed to meet the most demanding server power densities in the industry. Our wholesale data centers also include 24x7 security, dual authentication devices, mantraps, and surveillance cameras to meet the most stringent compliance requirements. Companies such as international carriers, colocation and cloud service providers, and large enterprises choose wholesale data centers for dedicated infrastructure, operational control and design flexibility.

 

Wholesale services include:

  • Build-to-Suit data centers

  • Powered Shell data centers

  • Private, wholesale colocation suites and cages

CLOUD

ADVISORY SERVICES

Our cloud advisory services uses an agile, collaborative approach powered by rigorous analysis tools to help you identify potential cloud opportunities, develop an implementation roadmap and design a cloud environment that is tailored to your business needs. Working with our specialists, you can achieve the outcomes you desire at each stage along your path to the cloud. Our skilled specialists lead you through a structured approach designed to result in a realistic framework for cloud adoption. Our cloud infrastructure strategy and planning services can help to analyze existing environments and determine the right cloud computing model for your business. Our consultants work with you to identify the business areas and workloads that can enable you to reduce costs and improve service delivery with a detailed roadmap.

INFORMATION

TECHNOLOGY AUDIT SERVICES

our information technology information technology audit services is responsible for analyzing and assessing a company's technological infrastructure to ensure processes and systems run accurately and efficiently, while remaining secure and meeting compliance regulations. Our information technology audit services can be considered the process of collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively and uses resources efficiently.

FORENSICS SERVICES

Our computer forensics is an application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. Our forensics experts assist in the investigation of crimes and cyber security incidents. In many cases, we work to recover hidden, encrypted, or deleted information related to the case. We will safeguard the integrity of data by following a chain of custody that ensures its admissibility in court.

PROCUREMENT

AUDIT SERVICES

Our procurement audit is a project management process that reviews different contracts and contracting processes to determine the completeness, efficacy as well as the accuracy of the procurement process.

Procurement audits services are conducted to ascertain whether due process was followed in the procurement cycle. We also ascertain whether relevant procurement regulations have been complied with. There is series of processes that are essential to get products or services from requisition to purchase order and invoice approval. While purchasing is the overarching process of obtaining necessary goods and services on behalf of an organisation.

LEGAL RISK MANAGEMENT 

Running a business means taking risks. The biggest risk a organisation can take is not to think about risks at all. It is therefore wise to identify the risks that a company is exposed to in order to control them where possible. In this way, costs can be saved and more profit generated. Risk management is an ongoing process that requires in-depth knowledge not only of a business, but also of the environment in which the business operates. This includes legal risks, as well as legal solutions to other types of risks a business can face on a daily bases. Our legal risk management services will map the legal risks facing a company while keeping abreast of emerging regulations which can carry legal risks is essential, including those regulations which primarily relate to operations.

RISK 

TRAINING 

Risk is unavoidable are your staff members able to identify the risk in your business and outline a intelligent strategic precautionary action plan. Our risk management training is to raise basic awareness of risk management concepts and mechanisms, to enable participants to identify and manage risks. 

DEVELOPMENT

SECURITY

OPERATIONS

Development operations security refers to the discipline and practice of safeguarding the entire Development operations environment through strategies, policies, processes, and technology. We believe security should be built into every part of the development operation lifecycle, including inception, design, build, test, release, support, maintenance, and beyond. DevSecOps is a further development of the DevOps concept that, besides automation, addresses the issues of code quality and reliability assurance.

DATA MANAGEMENT 

SERVICES

Our data management services are aimed at ingesting, storing, organizing and using data, which was created and collected by a company. Our data management services involves a practice of collecting, keeping, using data securely, efficiently, and cost-effectively. We provide a robust data management strategy for organisations that are increasingly relying on intangible assets to create value. Our data management services will allow organisations to effectively determine the cause of problems quicker. Our data management service will allow organisations to visualize relationships between what is happening in different locations, departments,systems and deal with risks immediately in the business.

SKILL UP YOUR CYBER SECURITY TEAM WITH OUR CYBER MANAGEMENT ALLIANCE NCSC-CERTIFIED INCIDENT PLANNING & RESPONSE TRAINING

A comprehensive course enabling individuals to prepare a well-defined and managed approach to deal with a data breach or a cyber-attack.

TEST YOUR CYBER SECURITY TEAMS DEFENSE STRATEGY WITH OUR CYBER CRISIS TABLETOP EXCERCISE

A unique blend of verbal and visual simulation along with interactive discussions on an agreed cyber-attack scenario relevant to an organisation.

 

What Can We Help You With?

For more info please fill out the below form or email us at info@ironvault.co.za

  • LinkedIn
  • Facebook
  • Instagram

Subscribe to our news letter 

©2021by Ironvault Digital