Application software quietly powers the systems we rely on every day, from public and financial services to healthcare, education, and business operations. As digital adoption accelerates, cyber threats are evolving just as quickly, often exploiting weaknesses in poorly designed or inadequately secured software. Security is no longer optional. It is a fundamental requirement.

To address this, NCSA has issued Application Software Security Directives that translate the principle of security by design into practical, actionable steps across the entire software development lifecycle.

These directives apply to all application software accessible via the internet or intranet. They are intended for IT engineers, managers, software developers, testers, security personnel, software owners, and anyone responsible for managing or maintaining application systems within public or private institutions operating in Rwanda.

By following these directives, stakeholders can clearly understand their roles, reduce preventable risks, and contribute to building secure, reliable applications that protect both institutional data and the people who depend on it.