Businesses operating in South Africa can now map and understand their obligations, roles and responsibilities to comply with local regulations and legislation – most notably the Protection of Personal Information Act (POPIA) – with Microsoft’s Compliance Manager tool, announced recently at Microsoft Ignite.
“The protection of data and personal information is a critical obligation for organisations with access to this information, and this obligation is made ever more important as the world moves further into the cloud,” says Colin Erasmus, Modern Workplace Business Group Lead at Microsoft.
Microsoft Compliance Manager is a user-friendly, centralised dashboard and tool that allows organisations to efficiently map and monitor regulatory adherence as it relates to their use of Microsoft cloud services on Microsoft 365 or Azure Active Directory.
“It serves several functions, not the least of which being to provide a centralised, visual representation of an enterprise’s compliance posture, calculating a risk-based compliance score that measures progress towards data protection and adherence to regulatory standards,” says Kelly Chalom, GDPR and Data Privacy Compliance Specialist at Cloud Essentials. Cloud Essentials is a Microsoft’s key partner who contributed to the of mapping of the various laws and standards including local compliance legislation such as POPIA to Microsoft’s control framework for Compliance Manager.
Other legislation that has been mapped to the tool includes regional and global compliance standards such as GDPR and applicable ISO (International Organisation for Standardisation) international standards, among others.
This mapping and laying out of roles and responsibilities to get a compliance score enables enterprises to identify where the gaps lie in meeting their compliance obligations and to take action to address these gaps. The easy-to-use interface is helping create an environment that makes businesses and service providers feel safe and confident that they are complying with important local legislation, as well as helping them to focus on how they look at and approach different areas of compliance.
“Not only does it enable enterprises to visualise their compliance posture, it also allows for secure cloud storage of critical compliance documentation that is key to demonstrating the enterprise’s compliance as required by the legislation,” says Chalom.
Businesses in South Africa have also largely shown their willingness to gear up and comply with local laws such as POPIA – and tools like Compliance Manager, which provides a centralised dashboard that offers compliance-related information at a glance, will become increasingly important to help businesses meet their obligations.
“The Compliance Manager tool takes an holistic approach to compliance, combining technology with a level of care to ensure that organisations in South Africa understand their compliance obligations, can see where they are in terms of meeting these obligations through their compliance score and take action by allocating roles and responsibilities within the organisation to ensure they are fully compliant with laws such as POPIA,” concludes Erasmus.