SIYAKHULA Holdings (Pty) Ltd Book a scoping call

Enterprise technology · Governance · Compliance · AI

The systems you run, and the rules you answer to — from one accountable partner.

Most organisations buy their technology from one supplier and their compliance from another, then spend the next two years in the gap between them. Siyakhula does both. Twenty years of enterprise delivery, and a senior governance practice under the same roof.

20+
Years delivering enterprise technology
100%
Black-owned and managed
Level 1
B-BBEE contributor
50+
Clients, public and private
9
Provinces served

Coverage

Pick the obligation on your desk.

Every regulation, standard and framework we work to — and exactly which part of the practice answers it. If what you are accountable for is not on this list, say so and we will tell you plainly whether we can help.

South African law
ISO standards
International frameworks

South African law

Protection of Personal Information Act

Every organisation that processes personal information must have a lawful basis for doing so, appoint an Information Officer, secure the data, and be able to answer a data subject who asks what you hold about them.

How we cover it
  • Privacy gap assessment — where you actually stand against the eight conditions, evidenced
  • Privacy Office — we establish it, and we can run it as an ongoing service
  • Privacy Agent — acting as your Privacy Agent under POPIA
  • Deputy Information Officer — appointment and the operating rhythm behind the title
  • PrivIQ / Securiti.AI — tooling to automate data subject requests and processing records

Capability

Two practices, one accountable partner.

The technology that runs your organisation, and the governance that keeps it defensible. Bought separately, they argue with each other. Bought together, they do not.

Technology

Enterprise systems integration

API-led integration connecting enterprise, legacy and cloud systems so data actually moves.

  • SAP, Oracle, Sage, Microsoft Dynamics
  • Salesforce, Dynamics CRM, HubSpot
  • SharePoint, WordPress, Drupal
  • HR, payroll and student management systems

Integration →

Technology

Data, AI and intelligent automation

Turning operational data into decisions, and repetitive work into automated workflow.

  • Power BI, SAP BI and enterprise reporting
  • Predictive analytics and AI/ML insight
  • Process automation, orchestration, chatbots

AI automation →

Governance

Information security

From standing up a first security function to supporting a mature programme.

  • Risk assessments and security strategy
  • Virtual CISO — fractional security leadership
  • Policy, framework and MSSP support

Security →

Governance

ISO management systems

Four standards, one senior team, one engagement — not four separate consultancies.

  • ISO/IEC 27001:2022 — information security
  • ISO/IEC 42001 — AI management
  • ISO 27701 — privacy information
  • ISO 9001 — quality

ISO →

Governance

Privacy and POPIA

Including running the Privacy Office, and acting as Privacy Agent.

  • POPIA and PAIA compliance
  • Deputy Information Officer appointments
  • GDPR alignment for international exposure

Privacy →

Technology

Digital learning

Enterprise Moodle, professional qualifications, and public-sector capability building.

  • Multi-tenant cloud, SaaS and on-premise LMS
  • Assessment, proctoring, plagiarism detection
  • 23 accredited public-sector courses

Training →

How we work

No scope creep. No surprises.

Every engagement runs the same five phases, whether it is a systems integration, an ISO implementation, a privacy programme or a managed LMS. You get a written engagement letter before anyone starts, and experienced principals throughout — no handover to juniors.

AI automation is not about replacing your people. It is about removing the repetitive, error-prone work so they can do the work that needs judgement.

Senior-only delivery. The person who scopes your engagement is the person who delivers it. That is the whole promise, and it is the one most consultancies quietly break the week after signature.
01

Scope

A scoping conversation and a written engagement letter.

02

Assess

Current state against the chosen standard or regime.

03

Build

Controls, integrations, policies and processes — with your team.

04

Deploy

Managed deployment, training, change management, go-live.

05

Sustain

Retained support, annual reviews, audit-ready evidence.

Track record

Where we have done this before.

Public sector

Metropolitan and district municipalities, provincial government, national public entities, a state-owned passenger rail operator, and a national biodiversity institute.

Higher education & professional bodies

A national distance-learning university and ten-plus higher education institutions. Professional accountancy bodies in South Africa and Rwanda.

Private sector

A multinational energy major, a global payments network, financial services and banking, logistics and supply chain, and managed security service providers.

Governance engagements

CISO advisory to multinationals. PKI ceremony auditing at a major financial exchange. Privacy Offices established and operated. Deputy Information Officer appointments.

Named references on request. We do not publish client names without their written consent. We sell privacy compliance; publishing our clients' names on a public page because it looks impressive would be an odd way to demonstrate it. Ask, and we will provide the reference list — with permission from the references.

Start with a conversation, not a proposal.

Tell us what is on your desk — an audit finding, a POPIA deadline, an integration that will not integrate, a board asking about AI. Thirty minutes, no charge, and a straight answer about whether we are the right people.