Legally Precise

Built on POPIA, PAIA, Regulation 4 (April 2025 amendments), and confirmed Information Regulator enforcement records. No summaries. No shortcuts.

Enforcement-Anchored

Every learning unit is grounded in real South African enforcement outcomes — Dis-Chem, Department of Justice, Lancet Laboratories, and FT Rams Consulting.

CPIO-Mapped

Programme content maps to approximately 75% of CPIO examination domains. Completion guidance for the remaining 25% is provided in Module IO-5.

About the Module

The Information Officer carries a statutory mandate that most compliance roles do not — personal registration, personal accountability, and personal exposure when the framework fails. The POPIA & PAIA Information Officer Training Programme is built around that reality. The programme does not treat POPIA and PAIA as parallel obligations to be managed separately. It treats them as integrated dimensions of a single compliance infrastructure — because that is how the Information Regulator assesses them, and because the IO who understands both Acts together is significantly better positioned than one who has mastered only one. Each of the five Learning Units is structured around what the Information Regulator expects to see: a functioning PIIA, a current Section 51 manual, an active operator monitoring programme, a tested breach response plan, and a documented continuous improvement cycle. The enforcement case studies are not illustrations. They are the curriculum — because the gaps that generated R5 million in fines and R100,000 infringement notices are the same gaps the IO's compliance framework is designed to close. The April 2025 amendments to Regulation 4 are incorporated throughout. The CIPC-Information Regulator BizPortal integration, operational since April 2025, is addressed in Module IO-5. The CPIO examination preparation map in the final module gives participants a clear view of where they stand against the six CPIO domains and what supplementary preparation is required before sitting the examination. This programme is for the IO who understands that the role is not administrative — and who wants the legal foundation, operational framework, and enforcement context to carry it correctly.

Celagenix Academy Certificate Preview

Module Structure

⚫Module Code: MOD-PP-I-SA001 ⚫Format: 1 course | 5 learning units | self-paced video learning ⚫Total duration: Approximately 70 minutes ⚫Delivery: Self-paced on the Celagenix® Academy ⚫Assessment: 3-4 scenario-based questions per unit | 3 attempts per assessment ⚫Passing score: 65% ⚫Certificate: Celagenix® Certificate of Competence — POPIA & PAIA — Information Officer Certification | MOD-PP-I-SA001 | Valid 12 months | Issued automatically on passing the assessment ⚫Completion window: 90 days from enrolment (corporate) | 12 months from enrolment (individual) ⚫Part of: POPIA & PAIA Series

Curriculum

6 Chapters · 17 Lessons

  1. 1

    COURSE OVERVIEW

    1. (Included in full purchase)

      Course Overview

  2. 2

    1. The IO Role — Statutory Basis and Personal Accountability

    1. (Included in full purchase)

      1.1 The IO Role — Statutory Basis and Personal Accountability

    2. (Included in full purchase)

      1.2 The IO Role — Statutory Basis and Personal Accountability

    3. (Included in full purchase)

      1.3 The IO Role — Statutory Basis and Personal Accountability - ASSESSMENT

    4. (Included in full purchase)

      POPIA Information Officer Setup and Registration Checklist

  3. 3

    2. The IO Role — Statutory Basis and Personal Accountability

    1. (Included in full purchase)

      2.1 Building a Functioning POPIA Compliance Framework

    2. (Included in full purchase)

      2.2 Building a Functioning POPIA Compliance Framework

    3. (Included in full purchase)

      2.3 Building a Functioning POPIA Compliance Framework - ASSESSMENT

  4. 4

    3. Data Breach Response — The IO as Incident Commander

    1. (Included in full purchase)

      3.1 Data Breach Response — The IO as Incident Commander

    2. (Included in full purchase)

      3.2 Data Breach Response — The IO as Incident Commander

    3. (Included in full purchase)

      3.3 Data Breach Response — The IO as Incident Commander - ASSESSMENT

  5. 5

    4. PAIA Request Lifecycle and the POPIA Intersection

    1. (Included in full purchase)

      4.1 PAIA Request Lifecycle and the POPIA Intersection

    2. (Included in full purchase)

      4.2 PAIA Request Lifecycle and the POPIA Intersection

    3. (Included in full purchase)

      4.3 PAIA Request Lifecycle and the POPIA Intersection - ASSESSMENT

  6. 6

    5. Advanced Enforcement and CPIO Preparation

    1. (Included in full purchase)

      5.1 Advanced Enforcement and CPIO Preparation

    2. (Included in full purchase)

      5.2 Advanced Enforcement and CPIO Preparation

    3. (Included in full purchase)

      5.3 Advanced Enforcement and CPIO Preparation - ASSESSMENT

Who should do this Module

🟡Registered Information Officers carrying active compliance mandates under POPIA and PAIA — including newly appointed IOs completing their initial certification and experienced IOs updating their knowledge following the April 2025 Regulation 4 amendments. 🟡Senior compliance officers, legal counsels, and governance professionals who operate in a Deputy IO capacity or who advise registered IOs on their compliance obligations. 🟡Professionals preparing for the Certified Personal Information Officer (CPIO) examination who require a structured, enforcement-anchored foundation across the CPIO domain map. 🟡Prerequisite: Participants should have a foundational understanding of POPIA and its eight conditions for lawful processing. The programme operates at an intermediate level and is not designed as an introductory overview of South African data protection law.

Martin J Louw, Celagenix Academy Lead Instructor

Meet Your Instructor

Presented by DE VILLIERS DU PLESSIS, a seasoned expert in Media Production and Data Privacy Product Development at Celagenix® with a distinguished career spanning over 15 years. Leveraging his role as a Senior Instructor, this Module embodies the practical insights gained from guiding clients, executives, and staff teams at Celagenix® Corporate in understanding and implementing POPIA and PAIA.

Frequently Asked Questions

1. Who is this programme designed for? The programme is designed for registered Information Officers and senior compliance staff who carry active POPIA and PAIA mandates. It is also appropriate for Deputy IOs, legal counsel with a compliance oversight function, and professionals preparing for the CPIO examination. Participants should have a foundational understanding of POPIA before enrolling. 2. What does the programme cover? Five Learning Units covering the statutory basis of the IO role, the Regulation 4 compliance framework (including the April 2025 amendments), data breach response under Section 22, PAIA request handling and the POPIA intersection, and the full enforcement architecture with CPIO examination mapping. 3. How long does the programme take to complete? The full programme runs approximately 70 minutes across five Learning Units, each approximately 14 minutes in length. Learning Units can be completed in sequence or individually, depending on your current competency gaps. 4. Does the programme reflect the April 2025 Regulation 4 amendments? Yes. The amended Regulation 4 — effective 17 April 2025 under Government Notice 6126 in Government Gazette 52523 — is incorporated throughout the programme, including the explicit continuous improvement obligation and the strengthened PIIA requirement. 5. What is the pass mark and how many attempts do I have? Each assessment requires a minimum score of 70% to pass. Three assessment attempts are permitted per learning unit. Participants who achieve the required pass mark receive a Certificate of Competence for that module. 6. What enforcement cases are covered in the programme? The programme covers four confirmed South African enforcement cases in detail: the Department of Justice ransomware breach (R5 million administrative fine, 3 July 2023), the Dis-Chem operator failure (enforcement notice), the Lancet Laboratories notification breach (R100,000 fine, September 2024), and the FT Rams Consulting direct marketing enforcement (R100,000 infringement notice, February 2024). 7. Does this programme prepare me for the CPIO examination? The programme maps to approximately 75% of CPIO examination content across the six domains assessed by the Information Officers Association. Module IO-5 includes a detailed domain map identifying where programme content aligns and what supplementary preparation is required before sitting the examination. 8. Does the programme cover the eServices Portal notification process? Yes. Module IO-3 covers the eServices Portal as the mandatory channel for security compromise notification — a requirement confirmed from 1 April 2025. The module addresses what information the IO must have ready before submitting, the 72-hour best-practice expectation, and the process for supplementary notification as an investigation progresses. 9. What is the CIPC-Information Regulator BizPortal integration? Since April 2025, the Companies and Intellectual Property Commission and the Information Regulator have integrated their systems through the BizPortal platform. Organisations that fail to register an Information Officer or submit their annual PAIA compliance report can be publicly listed as non-compliant — a reputational consequence covered in Module IO-5. 10. Is this programme relevant if I am a Deputy IO rather than the registered IO? Yes. Deputy IOs operate under delegated authority from the registered IO, and the programme's treatment of the delegation structure, Regulation 4 obligations, and enforcement exposure is directly relevant to the Deputy IO role. Modules IO-2, IO-3, and IO-4 are particularly applicable to the operational functions typically delegated to Deputy IOs.

Ready to Elevate Your Governance Skills?

Enrol now to access exclusive content, expert guidance, and practical applications for mastering POPIA & PAIA Information Officer Training

Please contact us for access. (opens email in new window)