Skip to content

unicef/holistic-audits-on-ict4d

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits

.gitbook/assets

.gitbook/assets

 
 

images

images

 
 

partners

partners

 
 

people

people

 
 

process

process

 
 

technology

technology

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

SUMMARY.md

SUMMARY.md

 
 

_quarto.yml

_quarto.yml

 
 

_website.yml

_website.yml

 
 

about-guardian-project.md

about-guardian-project.md

 
 

about.md

about.md

 
 

glossary.md

glossary.md

 
 

index.md

index.md

 
 

introduction-to-understanding.md

introduction-to-understanding.md

 
 

js.html

js.html

 
 

overview.md

overview.md

 
 

perspectives-in-four-ways.md

perspectives-in-four-ways.md

 
 

resource-links-and-tools.md

resource-links-and-tools.md

 
 

styles.css

styles.css

 
 

Repository files navigation

description cover coverY layout
A space for sharing a broader approach to auditing the security, privacy, and sustainability of ICT4D technology
.gitbook/assets/UN0803447-Naftalin.jpg
-56
cover title description tableOfContents outline pagination
visible size
true
full
visible
true
visible
true
visible
true
visible
true
visible
true

A Holistic New Approach to Audits!

Sharing Holistic Understanding

This collection of documents represents a set of perspectives, experiences, and guidelines on engaging with technology within the Information and Communications Technology for Development (ICT4D) space. In particular, the work focuses on the benefits and impacts of adopting free and open-source software that is secure and privacy-focused.

This approach will be discussed through the four lenses of People, Process, Technology and Partners.

{% embed url="https://www.youtube.com/watch?v=MBhL1YsrZfQ" %}

Background

This work grew out of the UNICEF Digital Center of Excellent (DCoE) team's focus on evaluation Electronic Civil Registration and Vital Statistic (eCRVS) solutions. To do this, a holistic audit process was designed and implemented. The wide-ranging, multi-staged approach includes an initial assessment based on published documentation and resources, meetings and interviews with program staff, an application architecture review, a source code security audit, a DevSecOps deployment analysis, vulnerability scanning and penetration testing. Four audit evaluations were completed, and the lessons learned from that work, have been extracted and integrated here into this guide.

Something For You

While there are some more thoughts on Who We Aim To Help, in summary this guide has been created to assist anyone in the ICT4D space who as encountered the question "Has it been audited?", and wondered if that was a financial question or a technology question. Whether you are a procurement specialist, a regional specialist, a technologists for development, or in a program or sales role, this guide has something for you. If you are in charge the audit, or just trying to understand what kind of questions to ask about during an evaluation, this guide has something for you. If you are a vendor, a platform developer, an entrepreneur, an open-source developer, this guide has something for you.

It takes many people, process, technology and partners to be successful in ICT4D!

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

10 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages