5. Guidelines










                           (II) Group – Each file is assigned to a group. Users who are part of that specific group
                           will gain access to the permissions of the group.
                           (III) Public – Everyone else.
             (z)        Customise  users  and  their  permission  settings.  Do  not  keep  the  default  settings  as  is,

             otherwise it shall run into website security issues at some point.
             Evaluator action:  The evaluator shall check to ensure that the Government organisation actions are
             being complied.



             Statement: Website has the Security Policy, Privacy Policy and the

             Contingency Management Plan clearly defined policies and

             plans approved by the government organisation.                                             5.3.3



             Benefits: Having clearly defined policies helps ensure efficient management of the website/app

             and its content throughout the life cycle of the website.
             Government  organisation  action:  Clearly  define  and  approve  the  website/app  related  policies
             listed above. Web Information Manager must ensure their implementation throughout the
             website/app life cycle.
             Developer  action:  Citizen-facing  policies  like  copyright  policy,  privacy  policy  and  terms  and

             conditions must be published on the website.
             Evaluator action: The evaluator will:
                    (a)     Compare during the backend audit the policies given in WQM and those available at the

                    website/app for consistency.
                    (b)     Check the implementation of these policies by examining the documented records
                    generated by the implementation.




























                                                             91