Objectives

This guideline aims to provide clear, actionable instructions to embed security and privacy into software systems used by the Government of Rwanda. It seeks to: 

 

 Ensure confidentiality, integrity, availability, and privacy of personal data throughout the software lifecycle. 

 Provide standardized, auditable steps and deliverables for all phases of software development, deployment, and maintenance. 

 Promote proactive identification and mitigation of security and privacy risks. 

 Align software practices with Law No 058/2021 (Data Protection) and national cybersecurity standards. 

 Support a consistent approach across GoR institutions, contractors, and service providers. 

 

 Intended outcomes 

 Following this guideline, users should be able to: 

 

 Implement secure and privacy-aware software systems from initiation to decommission. 

 Minimize risks of data breaches or unauthorized access. 

 Maintain compliance with legal and regulatory requirements. 

 Enhance public trust in digital government services.