Skip to main content

ICT Implementation Guidelines in Government Institutions

This document is meant to guide ICT implementation and application cross all government institutions in Rwanda, in order to ensure consistency in terms of security, reliability, scalability and efficiency.

Introduction

This document is meant to guide ICT implementation and application cross all government instituti...

Objectives

These guidelines aim at providing a uniform framework for the design, configuration and managemen...

Benefits

Adoption of these guidelines will allow government institutions to: Have high quality and reli...

Scope

These guidelines are expected to be strictly adhered to by all government institutions including ...

Principles

These ICT Implementation guidelines will be used as best practices for ICT deployment. Regular...

Network and Communication Infrastructure

This section provides guidelines and requirement for deployment of IT networks across institution...

Network Design

Number of users in the institution: identify the number of network users both onsite and offsit...

Network Implementation

Network equipment: network equipment and devices comprising the core network infrastructure to ...

Network Management

Network performance: redundancy, load balancing, application response time, and quality of serv...

Hardware and End-User Equipment

This part is focused on Hardware devices including servers, desktop computers, scanners and print...

Services

Government institutions are required to host all government data in the National Data Center (NDC...

Computers and Communication devices

The following are the minimum requirements that shall guide Government institutions during the ac...

Power Supply and backup

The computer network infrastructure at the institutional premises should have main power supply a...

Scanners and printers

Government institutions are recommended to acquire printing, scanning and copying as services ins...

End-use equipment

User devices: institutional devices used by employees should be labeled and recorded. Proper na...

Hardware maintenance

Maintenance plan: All IT equipment should be checked once in every quarter, and maintained accord...

Software Applications and Data

Software applications

Architectural model for e-government applications: all systems should be documented in five vie...

Data

Data availability: Data should be available round the clock (24-hour access) to access from dif...

System Administration

System administration is a core function in ICT implementation, it involves a range of activities...

Password Protection

Password should not be written down on paper; Password should not be sent through email,  Pas...

Email Accounts

Official Government of Rwanda (GoR) employees as well as administrative visitors of departments m...

System access

Connection to the local area network (LAN): personal computers that have been out of office sha...

Cyber Security

Minimizing the exposure of systems to external networks

nstall and configure gateway firewall, IPsec and SSL VPN, and wireless; Configure inbound and ...

Implement network segmentation

Access control: should start with IT assets, data, and personnel classification into specific g...

Establish role-based access controls and implement system logging

Role-based access control: access to network resources should be granted or denied based on job...

Implement passwords policy

Strictly use strong passwords with minimum 8 characters comprised of alpha numerical and specia...

Institution level cyber security awareness

Government institution must plan for and conduct regular internal cyber security awareness for en...

Perform regular vulnerability assessment and penetration testing

Preventive maintenance: government institutions should plan and perform IT infrastructure vulne...

ICT Strategic Plan

All public institutions are advised to develop an ICT strategic plan to guide the adoption and im...

ICT Project Management

ICT project initiation: all ICT projects should be derived from the assessment as indicated in ...

ICT Function, Staffing and Training

ICT Committee

ICT committee: it is imperative that all government institutions establish an ICT committee. R...

ICT Unit

The ICT structure of public entities is established through consultation between the concerned en...

ICT staff recruitment process

Recruitment procedure: the recruitment of ICT staff is done jointly by the recruiting instituti...

ICT talent and capacity building

All ICT staff across the Government should perform team and individual self-skills assessment, ...

ICT Hardware and Software Acquisition

Submission of annual ICT procurement plan to RISA

ICT procurement plans: all government institutions should consolidate and share with RISA at ce...

ICT centralized procurement

Centralized hardware procurement − On yearly basis, RISA selects commonly procured ICT items...

Decentralized ICT tenders

Procurement process: institutions should obtain approval from RISA to initiate anyICT procureme...

Development vs acquisition of software

Decision to acquire or develop the software: government institutions should seek advice from RI...

Minimum requirements to determine the best solution

Total lifecycle cost: including initial cost, installation, training, and recurrent cost for ma...

Internet bandwidth procurement

Internet services: government institutions should source all their internet services (4G intern...

Procurement of hosting and cloud services

Hosting and cloud services: government institutions should source all their hosting needs through...

Consequences of Non-Complience

Non-compliance of these guidelines may lead to disciplinary actions, where the individual will st...

Document Review Cycle

RISA shall review these guidelines annually or when deemed necessary to address new issues arisin...

References

Guideline on minimum Bandwidth for Broadband Internet Connectivity in Rwanda Directives on Cyb...
Back to top