Ghana’s National Information Technology Agency (NITA), the country’s ICT industry regulator, has achieved a significant milestone by securing three ISO certifications simultaneously.
These certifications, awarded for excellence in information security, business continuity, and IT service management, underscore NITA’s commitment to providing top-tier IT services.
The ISO certifications—ISO 20000:2018 for IT Service Management, ISO 22301:2019 for Business Continuity, and the newly introduced ISO 27001:2022 for Information Security—were presented to NITA at a special cocktail event in Accra.
This ceremony marked the conclusion of the inaugural National ICT Week, held from August 26 to August 30, 2024. The awards were jointly presented by Deloitte Ghana and NITA’s external auditors, A4S.
Achieving these certifications involved rigorous assessments to ensure that NITA has the necessary frameworks, support systems, policies, and sustainable practices in place. Here’s a closer look at what each certification entails:
IT Service Management
The ISO 20000:2018 certification requires an organisation to have robust systems for optimal IT service delivery both internally and externally.
NITA’s achievement in this area reinforces confidence in its services, benefiting the public institutions it serves.
As part of this commitment, NITA operates the largest and most advanced Tier 3 data centre in West Africa, managed by its private sector partner, Smart Infraco.
This facility provides reliable and affordable IT services to public institutions and private businesses.
Business Continuity
For the ISO 22301:2019 certification, NITA demonstrated its capability to maintain operations during disruptions. This was evident in March 2024, when NITA swiftly restored internet services to state institutions within 24 hours after multiple underground fibre cuts caused nationwide disruptions.
Unlike many telecom operators and ISPs, NITA’s redundancy planning allowed it to continue operations smoothly, showcasing its effective business continuity strategies.
Information Security
With the ISO 27001:2022 certification, NITA has proven its commitment to safeguarding information.
This certification ensures that data is protected from unauthorised access, maintains integrity and accuracy, and is readily available to authorised users.
NITA’s Tier 3 data centre, which hosts a locally managed cloud, offers high-level security while ensuring data affordability by using virtual servers and billing in local currency.
In collaboration with Smart Infraco, NITA has also partnered with cybersecurity firm Trend Micro to enhance protection across all devices accessing government networks.
Richard Okyere-Fosu, NITA’s Director General, expressed pride in these achievements, highlighting that the journey to obtaining the certifications was challenging but essential.
He emphasised that the certifications are just the beginning, as NITA aims to continually improve and maintain these standards.
“These ISO certifications position NITA to provide secure, reliable, and affordable IT services to both government institutions and private businesses,” Okyere-Fosu said.
He also revealed plans for a Common National Digital Architecture (CNDA), a framework that will ensure all ICT service providers align with specific standards before offering services to the government.
Since NITA refocused on its regulatory role in 2021, it has been developing new ICT industry regulations and guidelines, which are expected to be rolled out by March 2025.
“With the policies, frameworks, systems, and measures we have implemented, NITA is in a much stronger position than when I took over,” Okyere-Fosu concluded.
These ISO certifications not only enhance NITA’s reputation but also reinforce Ghana’s position as a leader in ICT innovation and regulation in Africa.