Business Computing Research

IT Positions in South Africa, do they require tertiary education?

In South Africa, there is a strong emphasis on experience when it comes to technical or IT positions. IT job ads in South Africa are generally opened up with a requirement of “IT related Degree or Diploma” but, in my experiences of being an applicant without a degree (only a 1-year Comp Sci. diploma) as well as being in the position of hiring applicants, this is often just a small benefit when it comes to the final choice. In the interviews I have taken part in I have never had an in depth discussion about the qualifications either I myself have or an applicant that I am interviewing has.

In this (IT) industry in South Africa, it’s a known fact that for technical positions (programmers, technicians etc.), salary is almost solely based on the amount of experience an applicant has.

Another point I found when being an applicant with a diploma is that the difference between a 1 diploma and a 3 year degree is quite vast. Not exactly 2 years ahead due to degrees generally being spread out with a lot of holidays and the 1 year diplomas being 48 out of the 52 weeks in the year, but still a very significant amount more learning is gained in the degree program. Yet, job ads were looking for “either a degree or diploma”.

I do keep up to date with job postings for IT related positions in my country and I have found that recently, a number of jobs are asking for a “3 year degree” rather than simply a degree or diploma.

For positions in management, which mainly consist of project manager positions, project management training has always been a requirement in my experience of reading through positions, but along with that comes a requirement of, generally, a minimum of 3 years of experience in project management.

This brings me to the catch-22 of the job market in South Africa that I found in my first 2 years of being in the industry. Practically nobody will even interview you without relevant experience, let alone hire you. Without experience you cannot get a job, and without a job you most certainly can’t get (valuable) experience.

I feel the main area where specific training is not a major requirement is in the field of IT support. Many positions are available in support and most of them involve being trained in the specific scenarios of the organisation on the job. Even with regards to hardware support, I find the most talented hardware support people have learned themselves. The courses such as the A+ and other technical courses, which I have done personally, are almost trivial to someone who has “played around” with computers for a few years. In my opinion, it is difficult to teach such an area as the reasons behind hardware/software failing are not standard, they require trial and error even for the experienced hardware technician.

For technical positions, I have always, and my colleagues in the industry, been given mini-projects to complete and/or written general tests. Personally I give applicants a mini-project as I do not believe that written tests are a good when it comes to programming, specifically. Knowing functions off by heart doesn’t mean much, as generally we all have access to the internet to solve these issues, rather the ability to solve a problem and produce a project with good quality code.

To conclude, the situation in South Africa has become more focused on pre-trained individuals over the years – but this is generally just an initial prerequisite to avoid interviewing potentially mis-fit applicants. The strongest focus does still lie on experience in the specific field that is being applied for. 

Law Research

Privacy and Data Protection laws in South Africa

The South African Bill of Rights states that everyone has the right to privacy which includes the right to not have their person, home or property searched, their posessions seized or the privacy of their communications infringed (South African Government, 2009).

The same Bill of Rights states that everyone has the right of access to any information held by the state and “any information that is held by another person and that is required for the excersize or protection of any rights” (South African Government, 2009).

South Africa also has the “ECT Act” (Electronic Communications and Transactions Act), which covers personal information that has been obtained through electronic transactions, which defines a set of rules between the person the information is about and the person/organisation (“data controller”) who is holding that information. This act states that the data controller must abide by all of the following points:

“(1) A data controller must have the express written permission of the data subject for the collection, collation, processing or disclosure of any personal information on that data subject unless he or she is permitted or required to do so by law.

(2) A data controller may not electronically request, collect, collate, process or store personal information on a data subject which is not necessary for the lawful purpose for which the personal information is required.

(3) The data controller must disclose in writing to the data subject the specific purpose for which any personal information is being requested, collected, collated, processed or stored.

(4) The data controller may not use the personal information for any other purpose than the disclosed purpose without the express written permission of the data subject, unless he or she is permitted or required to do so by law.

(5) The data controller must, for as long as the personal information is used and for a period of at least one year thereafter, keep a record of the personal information and the specific purpose for which the personal information was collected.

(6) A data controller may not disclose any of the personal information held by it to a third party, unless required or permitted by law or specifically authorised to do so in writing by the data subject.

(7) The data controller must, for as long as the personal information is used and for a period of at least one year thereafter, keep a record of any third party to whom the personal information was disclosed and of the date on which and the purpose for which it was disclosed.

(8) The data controller must delete or destroy all personal information which has become obsolete.

(9) A party controlling personal information may use that personal information to compile profiles for statistical purposes and may freely trade with such profiles and statistical data, as long as the profiles or statistical data cannot be linked to any specific data subject by a third party.” (South African Government, 2002).

In contrast to the UK, South Africa does not specifically have a Data Protection Act, if we look at the Data Protection Act 1998 for the United Kingdom (United Kingdom Government) we see that it’s section on “Rights of access to personal data” are almost the same as South Africa’s but contains a much more comprehensive overview on the subject.

Interestingly enough the U.S does not have a specific Data Protection Act. They have the “Privacy Act of 1974” and the “Computer Matching and Privacy Act” but both of which only apply to personal information held by the government and does not include other entities. The U.S has another act, “The Privacy Act” which can be described as follows: “The act set forth some basic principles of “fair information practice,” and provided individuals with the right of access to information about themselves and the right to challenge the contents of records. It requires that personal information may only be disclosed with the individual’s consent or for purposes announced in advance. The act also requires federal agencies to publish an annual list of systems maintained by the agency that contain personal information.” (Stratford & Stratford, 1998).


South African Government (2009) Chapter 2 – Bill of Rights [Online]. Available from: (Accessed: 14 November 2010).

South African Government (2002) Electronic Communications and Transactions Act, 2002, No. 25 of 2002 [Online]. Available from: (Accessed: 14 November 2010).

Stratford, J.S & Stratford, J (1998) ‘Data Protection and Privacy in the United States and Europe’, IASSIST Conference, 21 May, Yale University. New Haven, Connecticut: University of California.

United Kingdom Government (1998) Data Protection Act 1998 [Online]. Available from: (Accessed: 14 November 2010).