SIYAKHULA Holdings (Pty) Ltd Book a scoping call

Governance, security and compliance

Delivered by the people who will still be there in month six.

Senior, CISO-calibre practitioners. No handover to juniors after signature — which is the thing every consultancy promises and most quietly break.

Security

Security advisory and leadership

  • Information security risk assessments
  • ISMS implementation
  • CISO advisory
  • Virtual CISO — fractional security leadership for organisations that need the seniority but not the salary
Security

Operational security

  • Security policy and framework development
  • MSSP and cybersecurity team support
  • Second-line IT risk management
  • Programme uplift and maturity improvement
ISO

ISO management systems

Four standards, one senior team, one engagement.

  • ISO/IEC 27001:2022 — gap assessment to certification
  • ISO/IEC 42001 — AI management
  • ISO 27701 — privacy information
  • ISO 9001 — quality
  • Statement of Applicability and risk treatment
  • Internal audit readiness
Privacy

Privacy and data compliance

  • POPIA compliance, end to end
  • PAIA alignment and manuals
  • RICA and Cybercrimes Act advisory
  • GDPR alignment for international exposure
Privacy

Privacy Office and operations

Not just the assessment — the function that runs afterwards.

  • Privacy Office establishment and operation
  • Privacy Agent services under POPIA
  • Deputy Information Officer appointments
  • Privacy gap assessments and readiness reviews
AI governance

AI governance

For the board that has started asking what your AI actually does.

  • AI governance framework design
  • Responsible AI policy
  • AI risk identification and treatment
  • ISO/IEC 42001 assessments
  • AI training video production for staff and board

Want to know if we cover your obligation? The coverage matrix maps every regulation and standard we work to against exactly what we do about it.

Is the deadline real yet?

Most people call us when it is. It is cheaper to call before.