Question 1 [30] You have been appointed as the project manager for a new project which is being started in your company. Due to the urgency of the project, and because the project sponsor is too busy, she requests you to write the project charter on her behalf. You will interact with the information officer who will make decisions on behalf of the project sponsor. The project is to ensure your company is compliant with the POPI Act in South Africa. POPI stands for the Protection of Personal Information. The act will be in force from 1 July 2021 , and all companies must be compliant by that date. The main benefit for the company is that they will avoid any fines and brand damage in the case of a data breach. There are a number of tasks that must be done. The biggest constraint is that no similar project has been done in the company before; because compliance is a legislative requirement, the project may disrupt operations. In the first phase (Phase 1), create a record of all data sets (either on a system or on Excel) in the company and who the data owners are. Make the assumption that the resources will be available throughout the company for this task. The reasons for data collection must be noted, and the necessary permission must be obtained from the customers where their personal data is collected, such as on application forms. At the same time, you must ensure that data privacy policies are written and that all staff are aware of the new policies. Assume that such policies can be based on templates that are available on the internet, and that they will be fine-tuned for the company-specific requirements. In Phase 2, contracts with all third parties must be reviewed to check the data security clauses, especially where personal information is provided to the third party. IT data security must be investigated for possible data breach opportunities. A process must be put in place where staff and the public can report data breaches, and a description compiled of how such data breaches will be handled by the company. For instance, what will they write in a press release and who will be responsible? After all this preparatory work is done, the last phase (Phase 3) will be an audit conducted by the information officer on behalf of the project sponsor to ensure that the company is compliant with the POPI Act, and that all policies and processes are in place. It will give customers more trust in the company if they know that the company is POPI compliant. The funding for the project will be released with the planning of each phase. Overall, it will cost about R3 000000 and the first phase will receive R500000. The approval limit for the project manager will be R50 000, after which all purchase orders must be signed off by the project steering committee. Your task is to produce a project charter taking all of the above information into account. Use the project charter elements described in the textbook as an outline and headings to organise the charter's content. This outline and order are very important, because it makes the document readable to the audience. Question 1 [30] You have been appointed as the project manager for a new project which is being started in your company. Due to the urgency of the project, and because the project sponsor is too busy, she requests you to write the project charter on her behalf. You will interact with the information officer who will make decisions on behalf of the project sponsor. The project is to ensure your company is compliant with the POPI Act in South Africa. POPI stands for the Protection of Personal Information. The act will be in force from 1 July 2021 , and all companies must be compliant by that date. The main benefit for the company is that they will avoid any fines and brand damage in the case of a data breach. There are a number of tasks that must be done. The biggest constraint is that no similar project has been done in the company before; because compliance is a legislative requirement, the project may disrupt operations. In the first phase (Phase 1), create a record of all data sets (either on a system or on Excel) in the company and who the data owners are. Make the assumption that the resources will be available throughout the company for this task. The reasons for data collection must be noted, and the necessary permission must be obtained from the customers where their personal data is collected, such as on application forms. At the same time, you must ensure that data privacy policies are written and that all staff are aware of the new policies. Assume that such policies can be based on templates that are available on the internet, and that they will be fine-tuned for the company-specific requirements. In Phase 2, contracts with all third parties must be reviewed to check the data security clauses, especially where personal information is provided to the third party. IT data security must be investigated for possible data breach opportunities. A process must be put in place where staff and the public can report data breaches, and a description compiled of how such data breaches will be handled by the company. For instance, what will they write in a press release and who will be responsible? After all this preparatory work is done, the last phase (Phase 3) will be an audit conducted by the information officer on behalf of the project sponsor to ensure that the company is compliant with the POPI Act, and that all policies and processes are in place. It will give customers more trust in the company if they know that the company is POPI compliant. The funding for the project will be released with the planning of each phase. Overall, it will cost about R3 000000 and the first phase will receive R500000. The approval limit for the project manager will be R50 000, after which all purchase orders must be signed off by the project steering committee. Your task is to produce a project charter taking all of the above information into account. Use the project charter elements described in the textbook as an outline and headings to organise the charter's content. This outline and order are very important, because it makes the document readable to the audience