Page 7 - GiGW3
P. 7
1. Introduction
society and government organisations. GIGW guidance to government organisations on how same. Such guidance and advisories issued by all government organisations and their
2.0 took note of the standards evolved by to leverage public digital infrastructure devised CERT-In from time to time should be treated as implementation and evaluation partners.
international bodies like the world-wide web for whole-of-government delivery of services, updates to the guidance contained in the Government organisations are expected to
consortium (W3C) and advancements in bene ts and information. These cover aspects chapter on cybersecurity and any assessments carefully assess their existing websites, web
technology. It also included guidance on mobile such as API level integration for use of or audit carried out with reference to GIGW 3.0 portals, web applications and mobile apps
apps. integration with social media, India Portal, should also be cognizant of the same. Further, against GIGW 3.0, identify areas requiring
This version is the third version of GIGW (GIGW DigiLocker, Aadhaar-based identity, single while government organisations may continue improvement, draw up time bound
3.0). While the earlier versions were formulated sign-on, data sharing in open formats on the to establish conformity with GIGW 3.0 by implementation plans to achieve conformity
in-house with external inputs, GIGW 3.0 has government’s data platform, government’s obtaining Certi ed Quality Website (CQW) with GIGW 3.0 and obtain CQW certi cation
been formulated jointly with Standardisation scheme discovery platform, government’s certi cation from the STQC Directorate, the from the STQC Directorate. Similarly, websites,
Testing and Quality Certi cation (STQC) citizen engagement platform MyGov, AI-based certi cation of cybersecurity aspects by STQC web portals, web applications and mobile apps
Directorate of the Ministry of Electronics and Indian language translation tools, seamless may be done on the basis of the “safe to host” that are at the design or implementation stage
Information Technology and Indian Computer content/data access across web-based certi cate issued by the cybersecurity auditors may also be reviewed to ensure that their
Emergency Response Team (CERT-In), so that solutions of government organisations. GIGW empanelled by CERT-In/STQC or the auditors of design, architecture, development and scope of
I gathered by the STQC Directorate auditors and of websites and apps, with a view to make To make the guidelines more readily usable, approvals, resources etc. are tied up to ensure
the experience of conformity with GIGW
audit conform to GIGW 3.0 and requisite
STQC or NIC.
3.0 o ers upgraded guidelines on accessibility
access to cyberspace more inclusive. In view of
which entity/person has a role in implementing
this.
the cybersecurity experience and knowledge of
Introduction 1.0 CERT-In also inform the GIGW. As in earlier incorporation of comprehensive guidance in a particular guideline has been identi ed in While GIGW embodies general guidance for
every guideline. Thus, each guideline speci es
government websites, web portals, web
this version on apps as well (in addition to
versions, GIGW 3.0 too has also been formulated
applications and mobile apps, particular
in association with industry and experts.
whether the same is to be acted upon by the
websites), this version is titled “Guidelines for
The key thrust of GIGW 3.0 is on o ering speci c Indian Government Websites and Apps”. government organisation concerned or the website/app use cases may require adoption of
I n recent years, digital technologies have (NIC) formulated the Guidelines for Indian to improve the user interface and user currency, the acronym has been retained, with The e ectiveness of GIGW 3.0 in enhancing ease Government organisations may keep this in
guidance to government organisations on how
However, since the acronym GIGW gained wide
higher norms and speci c technologies.
developer or the evaluators.
increasingly contributed to economic
Government Websites (GIGW) in the year 2009.
their
while
formulating
mind
of living through various web-based initiatives
the letter “W” being signifying “Websites and
design,
experience (UI and UX), by incorporating
growth and citizen empowerment.
GIGW aims to ensure quality and accessibility of
features such as intuitive page loading (using AI
These technologies have become
government guidelines, by o ering guidance
and analytics) based on user journey and user Apps”. of the government would depend on their architecture and scope and may consult NIC in
e ective implementation in letter and spirit by
A chapter on cybersecurity, formulated by
case they desire technical advice in the matter.
ubiquitous in everyday life and enable on desirable practices covering the entire
pro le, using state-of-the-art content CERT-In, has also been incorporated so that
people to access various services from the lifecycle of websites, web portals and web
management system (CMS), user-centric GIGW can serve as a single point of reference on
comfort of their homes. Government has applications, right from conceptualisation and
information architecture (IA), centralised all the relevant aspects — quality, accessibility
established web presence through multiple design to their development, maintenance and
monitoring dashboard to identify and provide and security — relating to websites, web
websites, web portals, web applications and management. The Department of
alerts on non-conformity and technical portals, web applications and mobile apps.
mobile apps that o er information and services Administrative Reforms and Public Grievances
enablement of all content creators and Since cybersecurity requirements undergo
to the public. However, inconsistency in made the same a part of the Central Secretariat
publishers. continuous evolution in light of emerging
conventions, layout standards, navigation Manual of O ce Procedure.
GIGW 3.0 also signi cantly enhances the threat scenarios, threat vectors and
strategies and technologies adopted can The second version of GIGW (GIGW 2.0) was
guidance on the accessibility and usability of technologies, CERT-In continuously issues
reduce the e ectiveness of websites/apps. developed in 2019, taking into account
mobile apps, especially by o ering speci c updated guidance and advisories to address the
In this context, the National Informatics Centre feedback from and consultations with industry,
7
