Page 8 - GiGW3
P. 8
1. Introduction
society and government organisations. GIGW guidance to government organisations on how same. Such guidance and advisories issued by all government organisations and their
2.0 took note of the standards evolved by to leverage public digital infrastructure devised CERT-In from time to time should be treated as implementation and evaluation partners.
international bodies like the world-wide web for whole-of-government delivery of services, updates to the guidance contained in the Government organisations are expected to
consortium (W3C) and advancements in bene ts and information. These cover aspects chapter on cybersecurity and any assessments carefully assess their existing websites, web
technology. It also included guidance on mobile such as API level integration for use of or audit carried out with reference to GIGW 3.0 portals, web applications and mobile apps
apps. integration with social media, India Portal, should also be cognizant of the same. Further, against GIGW 3.0, identify areas requiring
This version is the third version of GIGW (GIGW DigiLocker, Aadhaar-based identity, single while government organisations may continue improvement, draw up time bound
3.0). While the earlier versions were formulated sign-on, data sharing in open formats on the to establish conformity with GIGW 3.0 by implementation plans to achieve conformity
in-house with external inputs, GIGW 3.0 has government’s data platform, government’s obtaining Certi ed Quality Website (CQW) with GIGW 3.0 and obtain CQW certi cation
been formulated jointly with Standardisation scheme discovery platform, government’s certi cation from the STQC Directorate, the from the STQC Directorate. Similarly, websites,
Testing and Quality Certi cation (STQC) citizen engagement platform MyGov, AI-based certi cation of cybersecurity aspects by STQC web portals, web applications and mobile apps
Directorate of the Ministry of Electronics and Indian language translation tools, seamless may be done on the basis of the “safe to host” that are at the design or implementation stage
Information Technology and Indian Computer content/data access across web-based certi cate issued by the cybersecurity auditors may also be reviewed to ensure that their
Emergency Response Team (CERT-In), so that solutions of government organisations. GIGW empanelled by CERT-In/STQC or the auditors of design, architecture, development and scope of
the experience of conformity with GIGW 3.0 o ers upgraded guidelines on accessibility STQC or NIC. audit conform to GIGW 3.0 and requisite
gathered by the STQC Directorate auditors and of websites and apps, with a view to make To make the guidelines more readily usable, approvals, resources etc. are tied up to ensure
the cybersecurity experience and knowledge of access to cyberspace more inclusive. In view of which entity/person has a role in implementing this.
CERT-In also inform the GIGW. As in earlier incorporation of comprehensive guidance in a particular guideline has been identi ed in While GIGW embodies general guidance for
versions, GIGW 3.0 too has also been formulated this version on apps as well (in addition to every guideline. Thus, each guideline speci es government websites, web portals, web
in association with industry and experts. websites), this version is titled “Guidelines for whether the same is to be acted upon by the applications and mobile apps, particular
The key thrust of GIGW 3.0 is on o ering speci c Indian Government Websites and Apps”. government organisation concerned or the website/app use cases may require adoption of
guidance to government organisations on how However, since the acronym GIGW gained wide developer or the evaluators. higher norms and speci c technologies.
n recent years, digital technologies have (NIC) formulated the Guidelines for Indian
to improve the user interface and user currency, the acronym has been retained, with The e ectiveness of GIGW 3.0 in enhancing ease Government organisations may keep this in
increasingly contributed to economic Government Websites (GIGW) in the year 2009.
experience (UI and UX), by incorporating the letter “W” being signifying “Websites and of living through various web-based initiatives mind while formulating their design,
growth and citizen empowerment. GIGW aims to ensure quality and accessibility of
features such as intuitive page loading (using AI Apps”. of the government would depend on their architecture and scope and may consult NIC in
These technologies have become government guidelines, by o ering guidance
and analytics) based on user journey and user A chapter on cybersecurity, formulated by e ective implementation in letter and spirit by case they desire technical advice in the matter.
ubiquitous in everyday life and enable on desirable practices covering the entire
pro le, using state-of-the-art content CERT-In, has also been incorporated so that
people to access various services from the lifecycle of websites, web portals and web
management system (CMS), user-centric GIGW can serve as a single point of reference on
comfort of their homes. Government has applications, right from conceptualisation and
information architecture (IA), centralised all the relevant aspects — quality, accessibility
established web presence through multiple design to their development, maintenance and
monitoring dashboard to identify and provide and security — relating to websites, web
websites, web portals, web applications and management. The Department of
alerts on non-conformity and technical portals, web applications and mobile apps.
mobile apps that o er information and services Administrative Reforms and Public Grievances
enablement of all content creators and Since cybersecurity requirements undergo
to the public. However, inconsistency in made the same a part of the Central Secretariat
publishers. continuous evolution in light of emerging
conventions, layout standards, navigation Manual of O ce Procedure.
GIGW 3.0 also signi cantly enhances the threat scenarios, threat vectors and
strategies and technologies adopted can The second version of GIGW (GIGW 2.0) was
guidance on the accessibility and usability of technologies, CERT-In continuously issues
reduce the e ectiveness of websites/apps. developed in 2019, taking into account
mobile apps, especially by o ering speci c updated guidance and advisories to address the
In this context, the National Informatics Centre feedback from and consultations with industry,
8
