REPUBLIC OF CAMEROON Peace - Work - Fatherland MINISTRY OF FINANCE GENERAL SECRETARIAT INFORMATION SYSTEMS DEPARTMENT
TRAVAIL INCLUDING REPUBLIQUE DU CAMEROUN Paix - Travail - Patrie MINISTERE DES FINANCES SECRETARIAT GENERAL DIVISION DES SYSTEMES D'INFORMATION
INSTRUCTION No. 00000437 / I/MINFI/SG/DSI of 22 DEC 2021 On the application of the Information Systems Security Policy at the Ministry of Finance.
# The Minister of Finance
TO THE
SECRETARY GENERAL; INSPECTORS GENERAL; CTR/CTPL PRESIDENTS; DIRECTORS GENERAL; TECHNICAL ADVISERS; DIRECTORS AND THOSE OF SIMILAR RANKING.
Over time, information systems have played a pivotal role in the management of public finances in general and in the implementation of the missions of the Ministry of Finance (MINFI) in particular. Indeed, they contribute in a consistent manner to the achievement of the objectives of the structures of our ministry.
However, their interoperability together with their openness to the general public creates risks of compromising the availability, confidentiality and integrity of information that can cause considerable damage to the system.
To guard against these threats, I hereby instruct that you implement the Ministry's Information Systems Security Policy, which aims to achieve the following strategic objectives
- Supporting the development of the Ministry of Finance's information system;
- To set up a transversal and homogeneous security organization based on a network of correspondents in charge of proximity security;
- Ensure the consistency of the level of logical and physical protection of the Information System;
- To make the security level homogeneous between the central administration, the deconcentrated services and the external ones;
- Support the Information Systems Master Plan by strengthening the reliability and coherence of the Ministry of Finance's IT ecosystem;
- Promote a culture of safety through codes of good practice accessible to users, partners and service providers;
Page 1 sur 2
- Support the strengthening of the level of protection of partners by developing standards and the pooling of protection resources.
In addition, the information systems security policy, purpose of this instruction, is composed of the following set of documents:
The General Security Policy: a document for public distribution, comprising a set of rules grouped by theme;
The action plan: which rolls out a set of projects to be implemented in the short term, with a view to continuously improving the level of security of the information system;
The Specific Policies: which are documents restricted to the confines of the Ministry of Finance and which deal with specific security issues, in particular password management policies and incident management policies.
In such a context, your missions and your role in upgrading the security of information systems within the structures under you, are of particular importance.
Therefore, I urge you to ensure strict compliance with this policy in your respective structures, taking into account the requirements of these policies in current and future IT projects.