What this article covers
Step-by-step instructions for appointing an Information Officer (IO), generating the formal Appointment Letter, and registering the IO with the Information Regulator.
Table of contents
- Background
- Before you start
- Step 1 — Open the Information Officer tab
- Step 2 — Open the Appointment Letter editor
- Step 3 — Complete Section 1: Officer Selection
- Step 4 — Review remaining sections
- Step 5 — Preview the letter
- Step 6 — Save a draft
- Step 7 — Generate the Appointment Letter
- Step 8 — Register the IO with the Information Regulator
- Changing the Information Officer
Background
Every private company must designate a person as its Information Officer. This person is responsible for managing access to information requests under PAIA and ensuring the company complies with POPIA. Their appointment must be formalised with a written letter, and they must be registered with the Information Regulator.
If no IO is currently appointed, the company’s head of body (usually the CEO or director) automatically acts as IO by default under PAIA.
Before you start
- The person you are appointing must already exist in the platform as a person record. If they do not, add them as a contact first.
- Have their ID number and designation (job title) on hand.
- Confirm the intended appointment date.
Step 1 - Open the Information Officer tab
- Open the Information Regulator module for the relevant company.
- Click the Information Officer tab along the top.
If an IO has already been appointed, their details will appear in the table at the top of this tab. If not, you will see an empty table with a prompt to create a new appointment.
Step 2 - Open the Appointment Letter editor
- Click Create Appointment Letter (or the edit icon next to an existing appointment).
- The letter editor opens, divided into seven sections in the left-hand sidebar:
Section | What you fill in |
1. Officer Selection | Search for and select the person from your existing contacts |
2. Company Info | Review auto-populated company details; correct if needed |
3. Declaration | A statutory declaration of appointment — editable if required |
4. Duties | The formal list of IO duties — pre-populated and editable |
5. Authority | The scope of authority granted to the IO — pre-populated and editable |
6. Compliance | Additional compliance context and obligations |
7. Signatory | The name and designation of the person signing the letter on behalf of the company |
Click each section in the sidebar to navigate between them.
Step 3 - Complete Section 1: Officer Selection
- In the Officer Selection section, use the search field to find the person you are appointing.
- Select them from the results. Their full name will auto-populate.
- Enter their ID number if not already pre-filled.
- Enter their designation (e.g. Chief Financial Officer).
- Set the Appointment Date — this is the date the appointment takes effect.
Note: The appointment date is a legal date and will appear on the generated letter. Choose it carefully.
Step 4 - Review remaining sections
Work through sections 2 to 7 using the sidebar. The default text in sections 3–6 has been drafted in line with PAIA and POPIA requirements. You may edit this text, but it is recommended to consult a legal professional before making substantive changes to the statutory language.
Step 5 - Preview the letter
At any point, click the Preview Mode button (top right of the editor) to see how the letter will look when generated. Click Edit Mode to return and make changes.
Step 6 — Save a draft
Click Save Draft to save your progress without generating the document. Drafts can be returned to at any time.
Drafts do not mark the Information Officer category as complete on the Dashboard. You must generate the final document to record completion.
Step 7 - Generate the Appointment Letter
- Once all sections are complete, click Generate Letter.
- The platform will compile the letter as a PDF and save it to the Workspace tab.
- A success notification will confirm the document has been generated.
- The Information Officer category on the Dashboard will update to Complete.
Step 8 - Register the IO with the Information Regulator
After generating the letter, the IO must be formally registered with the Information Regulator of South Africa. This is done externally through the Regulator’s online portal.
The Appointment Letter PDF generated in step 7 is typically required as a supporting document during registration.
Once registered, the Regulator issues a Registration Certificate. A placeholder is available in the Information Officer tab where this certificate can be noted once received.
Changing the Information Officer
If the current IO leaves or changes roles:
- Return to the Information Officer tab.
- Appoint the new person by repeating the steps above.
- Generate a new Appointment Letter with the updated details and new appointment date.
- Register the new IO with the Information Regulator.
The previous IO’s letter will remain visible in the Workspace for record-keeping purposes.
Related articles
- IMCP-PAIA-001: Overview of the Information Regulator Module
- IMCP-PAIA-005: Managing Deputy Information Officers
Article ID: IMCP-PAIA-002 Module: Information Regulator (PAIA) Applies to: SYS / ADM / PADM roles
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article