Search Results

Provide role-specific training and general awareness sessions.  Topics should include: Data protection law and privacy (Law No 058/2021). Secure development lifecycle and secure configuration. Phishing awareness and safe handling of sensitive data. Inci...

Schedule regular audits, internal and external assessments, and maintain documented evidence for compliance. Update controls and PIAs when legal/regulatory or threat landscapes change. Use KPIs (e.g: time-to-patch, vulnerabilities found vs remediated) to drive...

Law No 058/2021 Relating to the Protection of Personal Data and Privacy. Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software, CISA, October 2023. Minimum Cybersecurity Standards for Public Institutions, NCSA,...

This guideline aims to provide clear, actionable instructions to embed security and privacy into software systems used by the Government of Rwanda. It seeks to: Ensure confidentiality, integrity, availability, and privacy of personal data throughout the sof...

What this guideline covers This guideline applies to all software systems developed, acquired, deployed, or maintained by Government of Rwanda (GoR) institutions. It provides step-by-step instructions, controls, and best practices for embedding privacy and se...