To establish a standardized framework for the development, deployment, oversight, and lifecycle management of digital applications created for or by government entities, ensuring security, transparency, operational integrity, and public trust.
This policy applies to all applications developed, commissioned, or maintained by government agencies, departments, or affiliated contractors.
All government apps must be formally approved by the relevant authority (e.g., CIO, Permanent Secretary, or designated ICT lead).
Ownership of the app including source code, data, and branding, must reside with the government agency.
Apps must follow secure coding practices and comply with national ICT standards.
Developers must use official government email addresses and submit documentation verifying authorization to build on behalf of the agency.
Apps must include a clear, accessible privacy policy detailing data collection, usage, storage, and sharing practices.
Personal data must be collected only when necessary and stored securely in compliance with data protection laws.
Apps must clearly state their affiliation with the government and provide verifiable sources of information (e.g., .gov or .org domains).
Misleading claims or unauthorized representations of government services are strictly prohibited.
Agencies must designate a responsible officer for ongoing maintenance, bug fixes, and content updates.
Apps must be reviewed annually for relevance, security, and performance.
Agencies must designate a responsible officer for ongoing maintenance, bug fixes, and content updates.
Agencies must implement access controls, audit trails, and incident response protocols.
A centralized registry of all government-developed apps must be maintained by the ICT Unit.
Each app entry must include: name, purpose, responsible officer, launch date, update history, hosting details, and last review date.
All apps must include usage analytics to track engagement, performance, and operational relevance.
Apps with minimal or no activity over a 6–12 month period will be flagged for review.
Annual lifecycle reviews will determine whether an app remains active, requires updates, or should be decommissioned.
Apps deemed obsolete, insecure, or no longer aligned with agency objectives must undergo formal decommissioning.
The responsible officer must submit a decommissioning request to the ICT Unit.
Data must be archived in accordance with government records management policy.
Public access must be disabled, and internal teams notified of the change.
Agencies must coordinate with the Communications Unit to ensure appropriate PR materials (e.g., banners, posters, digital assets) are available for app launches and public engagement.
All visual assets must align with government branding guidelines and be approved prior to distribution.
This policy shall be reviewed annually by the ICT Unit in collaboration with relevant stakeholders. Revisions may be made to reflect changes in technology, legislation, operational needs, or feedback from agencies. All updates must be formally approved and circulated to affected departments.
All departments and personnel involved in the development, deployment, or oversight of government applications must acknowledge receipt and understanding of this policy. A signed acknowledgement form or digital confirmation must be submitted to the DICT prior to initiating any app-related activities.