Search Results

Government institution must plan for and conduct regular internal cyber security awareness for end users at 3 times per year in partnership with RISA.

Preventive maintenance: government institutions should plan and perform IT infrastructure vulnerability assessment and penetration testing at least once a year. Incidence response: government institutions should be prepared to mitigate or to respond as quic...

All public institutions are advised to develop an ICT strategic plan to guide the adoption and implementation of ICT in accordance to each institution’s functions, in line with SmartRwanda Master Plan, the enterprise architecture blueprint development guidelin...

ICT project initiation: all ICT projects should be derived from the assessment as indicated in the above section of ICT strategic planning. All institutions are advised to involve RISA at the starting of the project, since the project concept elaboration. I...

ICT committee: it is imperative that all government institutions establish an ICT committee. Role of the ICT Committee: the primary role of the IT committee is to define the institution’s ICT Strategy and ensure all ICT projects within respective entity dep...

The ICT structure of public entities is established through consultation between the concerned entity, RISA and MIFOTRA. Ideally, the reporting line for ICT function should be direct to the Chief Budget Manager, where it is not the case, ICT unit is advised to...

Recruitment procedure: the recruitment of ICT staff is done jointly by the recruiting institution and RISA. ICT job vacancy advertisement: is initiated at institutional level and each institution will submit ToRs to RISA ahead of time for review. Candidate...

All ICT staff across the Government should perform team and individual self-skills assessment, skills development in accordance to respective job profile and duties. All ICT staff should leverage huge rich content and trainings available for continuous impr...

ICT procurement plans: all government institutions should consolidate and share with RISA at centralizedprocurement@risa.gov.rw their ICT procurement plans on yearly basis in accordance to the government planning cycle. RISA compiles and harmonizes submitted...

Centralized hardware procurement − On yearly basis, RISA selects commonly procured ICT items from submitted institutional ICT procurement plans.− RISA sets technical specifications based on government needs and technologytrend.− RISA initiates annual cent...

Procurement process: institutions should obtain approval from RISA to initiate anyICT procurement process Relevance of the hardware/software item: RISA shall confirm the to be acquired based on submitted ICT gap analysis and ICT gap bridging roadmap in refe...

Decision to acquire or develop the software: government institutions should seek advice from RISA about the acquiring or developing the software.The below criteria should be based on in order to take a decision between acquisition anddevelopment: Government...

Total lifecycle cost: including initial cost, installation, training, and recurrent cost for maintenance and support. Maintainability: the ease of how (cost and effort) the software can be modified tocorrect faults, improve performance or other attribute or...

Internet services: government institutions should source all their internet services (4G internet and Fiber Internet connection) needs through the established framework as per the March 2012 ministerial instructions. (See annex) Bandwidth capacity to be pur...

Hosting and cloud services: government institutions should source all their hosting needs through the established framework asper the March 2012 ministerial instructions.Government entities sign individual contracts with the provider and a sample contracts as ...

Non-compliance of these guidelines may lead to disciplinary actions, where the individual will stand for all risks and damage caused by not implementing these guidelines. Exceptions to these guidelines shall be allowed only if approved by RISA.

RISA shall review these guidelines annually or when deemed necessary to address new issues arising from the use of IT systems and emerging technology trends in the industry. IT department in every government institution shall investigate and follow-up on repor...

Guideline on minimum Bandwidth for Broadband Internet Connectivity in Rwanda Directives on Cyber Security for Network and Information System

The purpose of these guidelines is to help public entities and GoR’s private partners to have a common understanding of EA practice and to guide the systematic mapping of the institution’s IT landscape (Blueprint) in clear steps namely: the ASIS situation, the...

For full guidance and overall context purpose, this document should be read in conjunction with the following documents: Government of Rwanda Enterprise Architecture Governance: This document outlines the governance structure around enterprise architecture wi...