Recently Updated Pages
Search Engine Optimization [Recommended]
GoR websites must be optimized for search engines to ensure that they appear high in search resul...
Branding [Mandatory]
Websites should be designed to reflect the Government of Rwanda's branding and must be aligned wi...
Data Protection & Privacy [Mandatory]
Websites should respect user privacy and comply with Rwanda’s law on data protection and data pri...
Security [Mandatory]
Websites should be designed with security in mind. This includes using secure hosting, encryption...
Performance [Mandatory]
Websites should be designed to perform well on all devices and platforms, including desktops, lap...
User-centered design [Mandatory]
Websites should be designed with the user in mind. Websites should be easy to use, navigate, and ...
Development Lifecycle [Mandatory]
The Website development lifecycle should follow a systematic process in line with RISA software l...
Scope and Objectives
This document provides mandatory policies and guidelines for Government of Rwanda websites at bot...
Introduction
This document outlines guidelines for the development and management of websites and portals of ...
Entry into force
This guideline shall come into force on the date of its signature by the Chief Executive Officer ...
Scope and Objectives
These guidelines cover the entire software lifecycle from initiation definition to decommissionin...
Introduction
The purpose of these guidelines is to define and standardize the process for acquiring, implement...
Entry into force
This guideline shall come into force on the date of its signature by the Chief Executive Officer ...
Biometrics[Recommended]
Biometrics can be considered as an additional layer of authentication where it is available and w...
Multi-Factor Authentication[Mandatory]
Multi-Factor Authentication (MFA) is strongly recommended as the primary authentication method fo...
Password policies[Mandatory]
Appropriate password policies should be defined covering password expiration period, password com...
Securing login credentials [Mandatory]
Users should be made aware to keep login credentials such as User IDs and Passwords confidential ...
Generic or shared user accounts[Mandatory]
User accounts should not be generic or shared but traceable to specific individuals for purposes ...
Third parties access[Mandatory]
Third parties should not be provided access to software in a production/live environment unless t...
Termination of user accounts [Mandatory]
User accounts should be terminated or disabled when a user leaves the institution. There should b...