Title of presentation.

Slides:

Advertisements

Similar presentations

Division: EIDD WTO TBT Workshop on Good Regulatory Practice March 2008 Focus on Transparency and Consultation.

Advertisements

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

Professional Behaviour

Auditor General’s Office One key audit focus area – Compliance with Laws and Regulations.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

The information Society: The role of Transformational leadership in the African Library Arnold M. Mwanzu Rodney A. Malesi Kenya: United States International.

The European Commission's Approach to Responsible Business: Towards a strategy on Corporate Social Responsibility.

Presentation by the National Gambling Board to the: Portfolio Committee:Trade and Industry 2 March 2012 ENFORCEMENT PROCESSES FOR ONLINE GAMBLING.

Presented By Tay Un Soo Senior VP, Bank of Commerce President of ISACA - Malaysia Chapter 1999 National Accountants Conference THRIVING IN THE DIGITAL.

Manuel Mariño Regional Director International Co-operative Alliance ACI-Américas CORPORATE GOVERNANCE AND CO-OPERATIVES Global Corporate Governance Forum.

Corporate Governance Yoshi Kawai Secretary General, IAIS IAIS-ASSAL Regional Seminar Buenos Aires, Argentina, November 2011 PUBLIC.

April 2008 Global Developments in Corporate Reporting Charles Tilley Chartered Institute of Management Accountants Chief Executive Global Developments.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

External Auditing in Difficult Settings John F S Muwanga FCCA, CPA(U) Auditor General, Uganda Regional Workshop Towards Auditing Effectiveness May

1 GHS CONFERENCE FOR ASEAN: Implementation Towards 2008 and Beyond Jakarta, Indonesia 9-11 May 2007 STATUS OF GHS IMPLEMENTATION IN MALAYSIA.

Extending self- and co-regulation OIF 23 March 2001 Nic Green Regulatory Policy

Enterprise Risk Management Dr. Doug Webster, CGFM, PMP Financial Management in Challenging Times May 13, 2009.

Spelling Out a Strategy for Observing Good Governance in Managing Retirement Fund Faith Letlala 19 August 2013.

Audit Evidence Process

Social value reporting: An integrated approach John Maddocks – CIPFA

Organizing a Privacy Program: Administrative Infrastructure and Reporting Relationships Presented by: Samuel P. Jenkins, Director Defense Privacy Office.

DEVELOPMENT OF A WHITE PAPER ON CORRECTIONAL SERVICES Ministry of Correctional Services.

Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.

V Global Forum on Fighting Corruption and Safeguarding Integrity – South Africa Trade and Customs Partnership to fight against corruption and safeguard.

By Hajira Fatima Safa Mohammed Zaheer Abid Ali. Cloud computing is a result of evolving and adopting existing technologies. The goal of cloud computing.

March, 2004 Into the LAN: An Integrated LAN/WAN End User Study © 2004 Frost & Sullivan. All rights reserved. This document contains highly confidential.

The Integration of Legal Aspects in Information Security: Is Your Organisation Up-to-Date?? Rabelani Dagada Development Economist Paper presented during.

EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.

UNGGIM – PRIVATE SECTOR NETWORK. AGENDA > OVERVIEW OF PRIVATE SECTOR >PURPOSE AND VISION OF PRIVATE SECTOR NETWORK > STRUCTURE AND TERMS OF REFERENCE.

Seda Annual Performance Plan 2017/18 – 2019/20

Online Safety The Campion School.

Presentation to Environment Portfolio Committee

Use Cloud Computing to Achieve Small Enterprise Savings

PROGRESS IN IMPLEMENTING e-GOVERNANCE

By: Ms Peterlia Ramutsheli

Herman Smith United Nations Statistics Division

ITU PLENIPOTENTIARY CONFERENCE GUDALAJARA - MEXICO October 2010

Electronic communications services: Ensuring equivalence in access and choice for disabled end-users - Article 23a ERG/BEREC Project Public Hearing,

Programme 4: Mineral Policy & Promotion

Predetermined Objectives – 2013/14

AUDIT AND RISK INDABA JUNE 2017.

Western Cape Branch Annual Seminar

Presented by Munezero Immaculee Joselyne PhD in Software Engineering

Budgeting systems : Monitoring and Evaluation

Standing Committee on Appropriations

2nd QUARTER ANALYSIS REPORT FOR THE 2017/18 FINANCIAL YEAR

DEPARTMENT OF MINERAL RESOURCES

DAFF CLIMATE CHANGE CONFERENCE 11 – 12 August 2011

26 April 2017 EFFECTIVE REGULATION THROUGH RISK-BASED APPROACH IN THE ARTIFICIAL INTELLIGENCE, CLOUD OR DIGITAL SPACE BONGA JAXA - SENIOR MANAGER: COMPLIANCE.

Portfolio Committee On Sports and Recreation 7 November 2017

حوكمة الشركات Corporate Governance

HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry and Data Protection Stakeholders.

IMPLEMENTATION OF THE SOUTH AFRICAN LANGUAGE PRACTITIONERS COUNCIL ACT, 2014 (Act No. 8 of 2014) PRESENTED TO THE SELECT COMMITTEE ON EDUCATION & RECREATION.

Briefing to the Portfolio Committee on Water and Sanitation on the

Paulo Magina Head of the Public Procurement Unit, OECD

Manitoba Land Initiative

Cyber security Policy development and implementation

SACF Comments on the ECA Amendment Bill B

Finding A Common Scale: An Overview of PFM Performance Indicators

COMPLEMENTARY ROLE OF OVERSIGHT BODIES 09 October 2018

Reengineering the Audit with Blockchain and Smart Contracts

Presentation to the Portfolio Committee - Labour

2018 local content conference and exhibition

Director-General: Mr. E Africa

Good Governance and an Effective Board of Trustees

BASICS OF PUBLIC PRIVATE PARTNERSHIPS

Gauteng Provincial Legislature Money Bills Act Discussion

PUBLIC ACCOUNTANTS AND AUDITORS BOARD

ITU PLENIPOTENTIARY CONFERENCE GUDALAJARA - MEXICO October 2010

Presentation transcript:

Title of presentation

Privacy concerns faced by Small Medium Micro Enterprises (“SMME”) in South Africa, in particular the gambling industry (bookmakers) ZUKO PHANDLE - AUDITOR: EASTERN CAPE GAMBLING BOARD 21 August 2019, 15th GRAF Conference, Boardwalk Casino, Port Elizabeth, South Africa

Contents Purpose Background Problem statement Cloud challenges or risks Addressing privacy concerns Conclusion

PURPOSE To share a proposed model that seeks to address privacy concerns by SMMEs, and ultimately to enhance their trust in cloud computing. To invite inputs from colleagues within the industry and other relevant stakeholders.

BACKGROUND The gambling industry like other industries, has evolved with time embracing the ever-changing technology. As a result its business models have shifted towards artificial, internet, electronic and or virtual gaming. Gambling industry uses best technologies for data storage & operation.

PROBLEM STATEMENT Privacy in cloud computing remains a serious concern for SMMEs. This is despite much work that has been done and progress made in mitigating the security concerns attached to cloud computing. As a result SMMEs remain reluctant to trust cloud computing. Privacy concerns in cloud computing, in particular in South Africa amongst other factors are attributed to a legislation gap arising from lack of appropriate regulation to address the specific privacy concerns in cloud computing.

Capacity Confidentiality Privacy Reliability Storage Security Segregation Trust Cloud challenges or risks

Addressing privacy concerns Research questions Privacy concerns Effects on trust Legislative framework shortcomings Underlying theory Observations Cloud benefits Regulation Proposed model Addressing privacy concerns

Research questions used How can SMMEs’ privacy concerns be addressed to improve their trust in the cloud? What are the privacy concerns facing SMMEs? How does lack of privacy affect trust in cloud computing? What are the shortcomings of the current legislation with respect to privacy in cloud computing?

Privacy Concerns Data storage Control of data (Lack) Multi-tenancy Integration with internal security Dependency Privacy Concerns identified by Tihomir, Darko, and Snjezana (2017)

The effects on trust by the lack of privacy in cloud computing Data Storage Dependency TRUST Privacy Concerns Lack of control Multi-tenancy Integration with internal security The effects on trust by the lack of privacy in cloud computing

Legislative Framework Shortcomings Lack – Privacy Compliance Framework (cloud) Legislation gap (POPIA, Gambling, et al) Delayed implementation of POPIA Legislative Framework Shortcomings

UNDERLYING THEORY applied Theory of Privacy Calculus: Is a “rational” theory that seeks to explain the attitudes, beliefs, intentions, and behaviours of IT consumers when the use of the IT includes the cost of a perceived privacy risk. An increase in perceived privacy risk decreases an individual's intent to disclose information, Keith, Thompson, Hale, Lowry and Greer (2013).

Figure 1: Privacy calculus model

observations Lucrative and attractive benefits vs risks (privacy concerns) and ramifications. Creation or enhancement of conducive environment for SMMEs to invest in cloud - creating a balance between the benefits and concerns. Legislation gap as a result of lack of appropriate regulation to address the specific privacy concerns in cloud computing.

Cloud Computing Benefits Less Capital Expenditure Highly Automated Virtual & Scalable Accessible & Secure Unlimited Storage Back-up & Data Recovery Lower Cost of Ownership Document Control Environmental Friendly Cloud Computing Benefits

Regulation POPI Act? Electronic Communications Act ICT Regulator? FICA Gambling Act Regulations Rules Conditions of Licence Regulation

Model to enhance the trust of SMMEs in cloud computing Cloud Privacy Concerns Regulation Privacy Calculus Trust Cloud Computing Adoption/ Rejection Cloud Benefits Model to enhance the trust of SMMEs in cloud computing

conclusion Cloud provides users with cost effective and accessibility benefits. Benefits and risks attached in cloud computing are key in deciding on investing thereon. There is a need for a conducive environment for such investment, hence more work must still be done in research. The privacy concerns in cloud are attributed to the legislative gap.

Conclusion CONT.. Regulators must now initiate a process of revising legislation and align it to POPIA as well as the National Integrated ICT Policy White Paper (2016), thus ensuring accountability. A sub-committee must be appointed in this regard. Regulators must avail resources to procure the required expertise to develop appropriate legislative framework. Regulators must not avoid but embrace these technological developments also as means to develop the SMMEs.

Auditor – Eastern Cape Gambling Board THANK YOU Zuko Phandle Auditor – Eastern Cape Gambling Board zukop@ecgb.org.za 043 702 8358/076 012 3411