
Audio By Carbonatix
The Bank of Ghana (BOG) has issued the Cyber and Information Security Directive to solicit comments and inputs from the banking industry and the general public.
This is in line with the Bank of Ghana’s Procedures for the Issuance of Directives, 2020.
In light of this, the Exposure Draft shall be made available on the BOG’s website at www.bog.gov.gh for a period of not less than 14 days from the date of the publication of the Exposure Draft, for comments.
In a publication, the Central Bank said all comments should be sent to the Bank of Ghana via email at information.security@bog.gov.gh by 30 September 2025.
Accordingly, the Bank of Ghana shall consider all material comments received and provide a written explanation for comments that were incorporated into the final directive or otherwise.
The objective of this Directive is to create a secure digital environment for the financial services industry, fostering trust and confidence in ICT systems and ensuring the integrity of transactions conducted within the cyberspace; create an assurance framework for design of security policies and for promotion of compliance to global security standards and best practices by way of cyber and information security assessment, amongst others.
Governance
For governance, the Board of Regulated Financia Institutions (RFIs) are responsible to determine the RFI's cyber and information security risk management strategy, approve institutional policies of cyber and information security, outsourcing, survivability, backup and recovery from cyber incidents and attacks, and disaster events, and others.
Secondly, the Senior Management of a RFI shall create the institutional framework for cyber and information security risk management and oversee its implementation and maintenance, formulate institutional policies about cyber and information security, outsourcing, survivability, backup and recovery from cyber incidents and disaster events, among others.
Cyber and Information Security Policy and Procedures
The policies for managing cyber and information security risks shall be presented to and approved by the Board.
These policy documents, according to the directive, shall cover the cyber threat environment and its potential impact on the RFI; the RFI's approach to managing cyber and information security risks and in determining and monitoring the level of exposure to cyber and information security threats and the principles behind implementing cyber and information security measures.
In recent years, cyber-related systems and networks have been playing an increasing role in the financial sector. The financial sector relies on these infrastructures for processing transactions and transferring funds which has made them attractive and susceptible targets for cyber-attacks.
Being high-profile targets creates a distinct challenge for financial RFIs, since they must strike an optimal balance between security and maintaining efficient and reliable operations for their customers.
Latest Stories
-
North Dayi residents condemn authorities over abandoned road projects
2 minutes -
NAPRM Governing Council seeks stronger partnership with NDPC on governance, development agenda
25 minutes -
Police post torched after fatal Sayerano shooting as tensions escalate
26 minutes -
Hanan granted bail as AG moves to block UK medical trip over frozen funds
41 minutes -
NPP suspends constituency executive elections in two constituencies
47 minutes -
Old Tafo MP: Let our World Cup exit mark the beginning of football reform
53 minutes -
BR Institute partners UPSA to expand entrepreneurship training for the youth
55 minutes -
Flood death toll rises to 35; six still missing, 58,000 displaced in Accra — Interior Minister
1 hour -
Argentina complete extraordinary comeback to beat Egypt
1 hour -
Every cedi from the World Cup must develop Ghana football – Ekow Assafuah demands
1 hour -
Virtual Security Africa expands CCTV surveillance at Mamprobi Hospital
1 hour -
Ekow Assafuah: Reinvest the World Cup proceeds, rebuild Ghana football
2 hours -
GH¢308,000 in alleged theft case not stolen from DVLA — Authority clarifies
2 hours -
Trafficked at 7, rescued at 17 — Survivor Godson Glawu calls for sustained child protection funding
3 hours -
COCOBOD misses June deadline to clear GH¢6bn cocoa arrears, leaves GH¢3.4bn unpaid
3 hours