ISACA Kampala Chapter
Share
Welcome to the ISACA Kampala Chapter
Our Vision: "Trust in, and Value from Information systems"
08/06/2026
⚠️ A privacy incident and a security incident can overlap — but they are not the same thing, and they should not trigger the exact same response.
A security incident focuses on the compromise of systems, networks, or controls.
A privacy incident focuses on the impact on personal data and the rights of individuals.
That distinction matters.
A system outage may be a security issue.
Unauthorized disclosure of personal data may be a privacy issue.
A ransomware event involving customer records may be both.
Why this matters:
✨ different legal and regulatory obligations may apply
✨ notification requirements can differ
✨ affected stakeholders are not always the same
✨ the response team may need different expertise
A stronger incident response approach asks:
📌 Was personal data involved?
📌 What type of data was affected?
📌 Is there risk to individuals, not just to systems?
📌 Which playbook should lead the response?
Good governance means knowing when to activate the security response, the privacy response, or both.
Because protecting systems is not identical to protecting people’s data.
What do you think organizations confuse most: impact assessment, reporting obligations, or response ownership?
04/06/2026
⚠️ Governance gets slower, messier, and riskier when decision rights are unclear.
One of the simplest questions in governance is also one of the most important:
Who approves what?
When that is not clear, organizations often run into:
✨ delayed decisions
✨ duplicated approvals
✨ weak accountability
✨ confusion during escalation
✨ unnecessary friction across teams
Clear decision rights matter because they define:
📌 who makes the decision
📌 who must be consulted
📌 who provides input
📌 who is accountable for the outcome
Without that clarity, even strong teams can lose momentum.
Good governance is not about adding more approvers.
It is about assigning the right decisions to the right people at the right level.
Because when approval paths are vague, risk increases.
When decision rights are clear, ex*****on improves.
What do you think hurts organizations most: too many approvers, unclear ownership, or slow escalation?
Click here to claim your Sponsored Listing.
Contact the practice
Telephone
Address
Uganda Institute Of/Communication And Information Technology (UICT), Plot 19-21 PortBell Road, Nakawa, Sat-Com Block 2
Kampala
256
Opening Hours
| Monday | 09:00 - 17:00 |
| Tuesday | 09:00 - 17:00 |
| Wednesday | 09:00 - 17:00 |
| Thursday | 09:00 - 17:00 |
| Friday | 09:00 - 17:00 |
