2020-06-22
The Bank of Ghana requires Regulated Financial Institutions to establish and maintain a comprehensive cyber and information security management system that ensures the confidentiality, integrity, and availability of critical information assets. The Directive requires dedicated governance structures, including a Board-appointed Chief Information Security Officer and an independent cybersecurity budget, alongside proportionality-based risk assessments tailored to each institution's size and complexity. Furthermore, it enforces rigorous third-party oversight, cloud security controls, continuous testing regimes, and mandatory incident reporting to ensure sustained operational resilience against evolving cyber threats.