Guidelines for Indian Government Websites and Apps (GIGW 3.0)

The Government of India has taken significant steps to improve the digital presence of its departments, ministries, and agencies through its websites and mobile apps. The Guidelines for Indian Government Websites and Apps (GIGW 3.0) aim to standardize the development, maintenance, and operation of these websites and apps. These guidelines ensure that government platforms are accessible, user-friendly, secure, and compliant with both national and international standards.

GIGW 3.0 builds upon earlier versions, incorporating the latest technological advancements and addressing the challenges that government organizations face while managing their web platforms. It has been developed with inputs from key bodies like the Standardisation Testing and Quality Certification (STQC) Directorate, CERT-In, and industry experts.

1. Quality Guidelines

Association with Government

• Emblem/Logo Use: All government websites and apps must prominently display the official emblem or logo of the respective government organization. The emblem must be displayed in the correct ratio and color, reinforcing the website/app’s authenticity. For central ministries, the State Emblem of India must be used, while state governments and public sector bodies should use their respective emblems or logos.
• Branding and Identity: Consistent use of visual identity elements (like logos and colors) helps reinforce government ownership and builds trust with users. The proper display of the emblem ensures that citizens recognize the authenticity of the website or app.

User Experience and Interface (UX/UI)

• Consistent Experience Across Platforms: Websites and apps should maintain a consistent information architecture (IA), navigation scheme, and user interface (UI) across different platforms. Consistency in design and navigation reduces the learning curve for users and makes government websites/apps easier to navigate.
• Responsive Design: Websites must use Cascading Style Sheets (CSS) to ensure responsive design. This ensures that the website adapts to various screen sizes, whether viewed on desktops, tablets, or mobile phones, enhancing the user experience for all devices.
• Cross-Browser Compatibility: Websites should be tested across multiple browsers, operating systems, and devices to ensure that they load correctly and are accessible to all users. In addition, Hindi and regional language fonts should be tested for consistency across browsers to avoid layout errors.

Providing Accurate and Current Information

• Ownership Information: Every website and app must display complete ownership information on its homepage and other key entry pages. This includes the name of the government organization, contact details, and other relevant information.
• Last Updated Date: The last date on which the content was updated or reviewed must be prominently displayed on the homepage and on all important pages. This helps users know that they are viewing current information, and it also improves the website’s ranking in search engines.
• Content Archival: Time-sensitive content such as announcements, tenders, and recruitment notices must have clearly defined expiry dates. Once expired, this content should either be removed or archived, making it accessible in a separate archival section for reference purposes.
• Error-Free Language: Government websites/apps must ensure that the language used is free from spelling and grammatical errors. Content should be manually checked or processed through automated tools to ensure clarity and precision.

APIs and Data Exchange

• Integration with Key Government Platforms: Websites should integrate with key government platforms like India Portal, DigiLocker, Aadhaar, MyGov, Single-Sign-On (SSO), and Data Platform. API-level integration ensures seamless data exchange between these platforms, enhances user experience, and prevents duplication of data.
• Cross-Linking of Information: Government websites should enable proper cross-linking with other relevant government platforms, ensuring that users can access the information they need without navigating multiple sites.

2. Accessibility Guidelines

The accessibility guidelines ensure that government websites and apps are accessible to all users, including individuals with disabilities, non-English speakers, and those using assistive technologies.

Web Content Accessibility Guidelines (WCAG) 2.1

• GIGW 3.0 aligns with the WCAG 2.1 Level AA standards, which are the latest international standards for web accessibility. These guidelines include provisions for making websites accessible to people with disabilities, such as visual, auditory, physical, speech, cognitive, and neurological disabilities.

Text Alternatives for Non-Text Content

• Captions and Audio Descriptions: All pre-recorded audio and video content should have captions and transcripts to make the content accessible to those with hearing or visual impairments. Audio descriptions should also be provided for pre-recorded video content to convey visual information.
• Text Resizing and Contrast: Content should be resizable up to 200% without losing functionality, and the contrast ratio between text and background should meet the required accessibility standards (minimum 4.5:1). This ensures readability for users with visual impairments.

Multi-Language Support

• Bilingual/Regional Language Support: Websites must offer content in multiple languages (primarily English and regional languages). A prominent language selection link should be available on every page, with content in Unicode to avoid rendering issues across devices and browsers.

No Reliance on Color Alone

• Information should not rely solely on color to convey meaning. For instance, required form fields should not only be highlighted in red but also marked with an asterisk or other clear indicator.

Consistent Navigation

• A consistent and well-defined navigation structure must be present across all pages. It should be accessible via keyboard input and compatible with assistive technologies, ensuring that users can move through the site easily.

3. Cybersecurity Guidelines

Security is a critical component of GIGW 3.0, addressing threats like unauthorized access, data breaches, and cyber-attacks.

“Safe to Host” Certification

• Websites and apps must obtain a “safe to host” certification from cybersecurity auditors empaneled by CERT-In/STQC. This ensures that the website/app meets the necessary security requirements and can safely host sensitive government information.

Data Protection

• Secure User Data: Websites must adopt secure mechanisms for handling sensitive user data, such as passwords, Aadhaar numbers, and credit card information. Data protection measures should follow the best industry practices outlined in ISO 27001, OWASP, and Application Security Verification Standards (ASVS).

Regular Monitoring and Audits

• Cybersecurity Audits: Regular audits should be conducted to ensure that websites remain compliant with the latest security guidelines. Websites should follow cybersecurity advisories issued by CERT-In to stay ahead of potential threats.
• Encryption and Secure Connections: All data transmitted through the website must be encrypted, and websites should enforce the use of HTTPS for secure connections.

4. Lifecycle Management

Lifecycle management emphasizes the importance of maintaining websites/apps post-launch to ensure continued quality, accessibility, and security.

Ongoing Maintenance

• Content Updates: Regular updates to content, performance monitoring, and security checks are essential to keeping websites relevant, secure, and functional. Outdated or irrelevant content should be removed or archived as needed.
• Web Information Manager (WIM): Each government department should appoint a WIM to oversee the website’s content lifecycle. The WIM is responsible for ensuring that content is accurate, regularly updated, and adheres to the guidelines.

Backup and Recovery

• Backup Procedures: A proper backup and recovery plan should be in place to handle website data. Regular backups ensure that the site can be restored in the event of an attack or technical failure.

5. Focus Areas and Risk Mitigation

Risks of Non-Conformity

• Failure to follow GIGW 3.0 guidelines can result in several risks, including unauthorized access to sensitive information, defacement of websites, poor user experience, and legal action for non-compliance with accessibility laws.

Mitigating Risks

• To mitigate these risks, government organizations must adopt a proactive approach, including regular audits, compliance checks, and the integration of security measures at every stage of website and app development.

Download Complete Guideline : https://thealokmohan.com/wp-content/uploads/2024/09/2024022987-1.pdf