(1) |
The National Commissioner must secure the integrity of information on the NFDD by taking appropriate, reasonable technical and organisational measures to prevent— |
(a) |
loss of, damage to or unauthorised destruction of information on the NFDD; and |
(b) |
unlawful access to, communication or processing of information on the NFDD. |
(2) |
In order to give effect to subsection (1), the National Commissioner must take reasonable measures to— |
(a) |
identify all reasonable foreseeable internal and external risks to information on the NFDD under his or her control; |
(b) |
establish and maintain appropriate safeguards against the risks identified; |
(c) |
regularly verify that the safeguards are effectively implemented; and |
(d) |
ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards. |
(3) |
The National Commissioner must have due regard to generally accepted information security practices and procedures which may apply to the Service generally or be required in terms of specific laws and regulations relating to security of information applicable to the Service. |
(4) |
The National Commissioner, after consultation with the Board, must within six months of the commencement of this Chapter develop standard operating procedures regarding— |
(a) |
access to the NFDD; and |
(b) |
the implementation of safety measures to protect the integrity of information contained on the NFDD. |
(5) |
The National Commissioner must report to the National Assembly and the Board— |
(a) |
any breach of the access and security measures referred to in this section as and when such breach occurs; |
(b) |
any loss of, damage to or unauthorised destruction of information on the NFDD; and |
(c) |
steps taken to address such breach and to prevent the recurrence thereof. |
(6) |
The Secretary of Police must monitor and oversee the security measures instituted by the National Commissioner. |
[Section 15U inserted by section 6 of Act No. 37 of 2013]