Protection of Personal Information Act, 2013
R 385.00
National Strategic Intelligence Act, 1994 (Act No. 39 of 1994)RegulationsElectronic Communications Security Needs Analysis Regulations, 20145. Procedure for the completion of the request-documents |
| 5.1 | The head of each organ of state shall upon receipt of the request-documents identify the persons (including third party vendors) responsible for providing the relevant organ of state with electronic communication security products and/or maintenance and repair services. The person who shall assist the organ of state in the completion of the questionnaire shall have the required security clearance. |
| 5.2 | The head of the organ of state shall ensure that the questionnaire shall be made available only to those persons within the relevant organ of state responsible for the provision of electronic communication security services and who have the required security clearance certificate. |
| 5.3 | Should the Agency approve the list of persons responsible for providing the services and/or products (after having obtained a security clearance certificate issued by the State Security Agency) in accordance with the National Strategic Intelligence Act, 1994 (Act No. 39 of 1994), it will promptly communicate this to the head of an organs of state, who will in turn instruct the relevant person to commence answering the section(s) of the questionnaire to which their specialisation pertains. |
| 5.4 | Should the Agency decline any or all of the persons contained on the list referred to in 5.1 (after failing to have obtained a security clearance certificate issued by the State Security Agency) in accordance with the National Strategic Intelligence Act, 1994 (Act No. 39 of 1994), it will communicate this to the relevant head of the organ of state and proceed with arranging a telesurvey or an on-site or off-site interview in the manner set out in paragraph 8. |
| 5.5 | The head of the organ of state shall ensure that the request-documents shall be made available only to those persons within the relevant organ of state responsible for the provision of electronic communication security products and/or maintenance and repair services forming the subject of this security needs analysis who have a security clearance certificate issued by the Agency. |
| 5.6 | Where no person within a particular organ of state is specifically designated to provide services, and/or products, the head of the organ of state shall without delay inform the Director-General of State Security Agency of same, and who will proceed to make arrangements with the relevant organ of state to conduct either a tele-survey or an on-site or off-site interview in the manner prescribed in paragraph 6. |
| 5.7 | The persons responsible for completing the questionnaire (or any part thereof) shall ensure that they provide the Agency with such written or electronic information so as to allow the Agency to adequately assess the security status of the relevant organ of state. |
| 5.8 | The Agency may establish a helpdesk to address telephonic queries from organs of state on the questionnaire in case of unclear or ambiguous sections or questions. To the extent that a particular section or question in the questionnaire is unclear or ambiguous, the head of the relevant organ of state or a person duly authorised by him or her, shall either address to the Director-General, or the relevant official in the Agency in writing and in sufficient detail the particular query raised by the questionnaire or call the helpdesk for assistance. |
| 5.9 | Should the Agency take longer than a period of 3 (three) days to resolve a particular query, the submission date shall be extended by such period taken by the Agency to resolve the query, commencing the date of receipt of the query by the Agency and terminating the date of communication of a resolution of the query to the relevant organ of state ("the extension period"). |
| 5.10 | Organs of state are encouraged to provide with their response any documentation (written or electronic) that might supplement and/or clarify such response. |
