Roads Authority

Draft ICT Governance Policy

Document

Date: 27th August 2024

Roads Authority of Malawi
ICT Governance Policy Document

Version 1.1

Effective Date: 27th August 2024

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Table of Contents
Roads Authority of Malawi..........................................................................................................4
Table of Contents.....................................................................................................................4
Roads Authority of Malawi ICT Governance Policy.................................................................8
Background Information for the ICT Governance Policy....................................................8
1. Introduction....................................................................................................................8
2. Purpose..........................................................................................................................8
3. Scope.............................................................................................................................9
4. Governance Principles...................................................................................................9
4.1 Meeting Stakeholder Needs:..................................................................................9
4.2 Covering the Enterprise End-to-End:...................................................................10
4.3 Applying a Single Integrated Framework:............................................................10
4.4 Enabling a Holistic Approach:..............................................................................10
4.5 Separating Governance from Management:........................................................11
5. ICT Governance Objectives.........................................................................................11
6. Governance Structure and Roles.................................................................................12
7. ICT Governance Policies Descriptions.......................................................................12
8. ICT Governance Policy Statements.............................................................................14
8.1 Strategic Alignment Policy Statement:.................................................................14
8.2 Value Delivery Policy Statement:.........................................................................14
8.3 Risk Management Policy Statement:...................................................................14
8.4 Resource Optimization Policy Statement:............................................................15
8.5 Performance Measurement Policy Statement:....................................................15
8.6 Compliance and Assurance Policy Statement:....................................................15
8.7 Change Management Policy Statement:.............................................................15
8.8 Incident Management Policy Statement:.............................................................16
8.9 Data Privacy and Security Policy Statement:.......................................................16
8.10 IT Service Management Policy Statement:........................................................16
8.11 Vendor Management Policy Statement:............................................................16
8.12 Business Continuity and Disaster Recovery Policy Statement:.........................16
10. Compliance and Monitoring.......................................................................................17
11. Review and Updates..................................................................................................17
12. Policy Enforcement....................................................................................................17
14. Appendices................................................................................................................18
Appendix A: Strategic Alignment Matrix.....................................................................18
Appendix B: Risk Management Matrix.......................................................................18

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 Appendix C: Performance Measurement Matrix........................................................19
Appendix D: COBIT 5 Reference Model....................................................................19
Revision History of the ICT Governance Policy.....................................................................21

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Roads Authority Policy Document Review and Approvals

Document Ownership

This document is owned by the IT Manager – IT Division - Roads Authority.

Revision History
Version Author Date Revision
1 Mr. Joseph Mwale 25.08.2024
2 Mr. Alinafe Mbendera 01.09.2024

This Document has been reviewed by

Reviewer’s Name Date of Review
Mr. Michael Mkandawire

This Document has been approved by

Policy Approver(s) Chief Executive of Roads Authority

Signature

Effective Date

Reference Standards ISO/IEC 27001, NIST Cybersecurity

Framework (CSF)

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Roads Authority of Malawi ICT Governance Policy

Background Information for the ICT Governance Policy

The Roads Authority of Malawi, which primarily is focused on road construction and
maintenance, has lacked a formal ICT Governance Policy, exposing the organization to
significant risks such as inconsistent ICT practices, cybersecurity vulnerabilities, and
misalignment with strategic goals. The growing reliance on ICT systems across all operations
highlights the critical need for a standardized governance approach to mitigate these risks and
ensure efficiency.

To address these challenges, the Roads Authority requires an ICT Governance Policy aligned
with international standards like COBIT 5 and ISO/IEC 27001. This policy will provide a
comprehensive framework for managing ICT resources across all departments, ensuring
consistency, security, and alignment with the Authority’s strategic objectives. Implementing this
policy will enhance operational efficiency, minimize risks, and support the Authority’s mission to
improve Malawi's road infrastructure.

1. Introduction

The Roads Authority of Malawi (RA) depends on robust Information and Communication
Technology (ICT) systems to fulfill its mission of delivering quality road infrastructure services.
This policy defines the governance framework for ICT, ensuring it aligns with the RA's strategic
objectives, effectively manages risks, maximizes value delivery, optimizes resources, and
supports continuous performance improvement. The policy is aligned to COBIT 5 principles,
recognized globally for IT governance and management.

2. Purpose

The purpose of this policy is to:

● Establish ICT governance principles and objectives.

● Define roles and responsibilities for ICT governance across the RA.
● Ensure ICT initiatives align with RA’s business strategies.
● Optimize the use of ICT resources.
● Provide a structured approach to managing ICT risks.
● Monitor and evaluate ICT performance.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Establishing ICT governance principles and objectives involves defining clear roles and
responsibilities for ICT governance within the Roads Authority of Malawi to ensure that all ICT
initiatives align with the Authority's business strategies. This includes optimizing ICT resources,
providing a structured approach to managing ICT risks, and continuously monitoring and
evaluating ICT performance. By implementing these principles, the Authority aims to enhance
the efficiency, security, and strategic alignment of its ICT operations.

3. Scope

This policy applies to all departments, divisions, and units within the Roads Authority of Malawi,
including but not limited to:

● Planning Department
● Major Projects Department
● Corporate Services Department (HR, Admin, and ICT Divisions)
● Public Relations Unit
● Internal Audit Unit
● Procurement Division
● Maintenance Department
● Regional Office

The ICT Governance Policy for the Roads Authority of Malawi applies to all departments and
units, ensuring consistent management of ICT systems across the organization. This unified
approach integrates governance into key areas, from project planning to communication,
supporting the Roads Authority’s strategic goals by minimizing risks and enhancing efficiency.

By establishing consistent standards across all levels, including regional offices, the policy
ensures secure and reliable ICT systems that are essential for the smooth operation of the
Authority. This cohesive governance framework promotes operational effectiveness and aligns
ICT efforts with the organization's overall objectives

4. Governance Principles

The ICT Governance Policy of the Roads Authority of Malawi is anchored in the following
COBIT 5 principles, each tailored to the unique structure and needs of the RA organization:

4.1 Meeting Stakeholder Needs:

Ensuring ICT initiatives deliver value and align with stakeholder expectations.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 Policy Statement:
ICT governance shall ensure that the needs of all stakeholders (Board, management,
employees, external partners, and regulatory bodies) are met by balancing performance,
risk, and resource utilization.

Roads Authority Needs:

ICT must support infrastructure development, ensure regulatory compliance, and
enhance operational efficiency, while addressing the diverse needs of stakeholders such
as funders, regulators, and the public.

4.2 Covering the Enterprise End-to-End:

Integrating ICT governance into overall enterprise governance.

Policy Statement:
ICT governance shall be applied organization-wide, extending beyond the ICT
department to all processes, decisions, and resources related to ICT in every
department and division.

Roads Authority Needs:

Uniform ICT governance across all departments is vital for consistency, particularly
given the decentralized structure of the Roads Authority. This ensures that all divisions
and regional offices work cohesively with ICT support.

4.3 Applying a Single Integrated Framework:

Utilizing COBIT 5 to establish consistent governance practices across all ICT functions.

Policy Statement:
The ICT governance framework will integrate seamlessly with other organizational
frameworks such as risk management, financial management, and performance
measurement, ensuring comprehensive governance.

Roads Authority Needs:

To improve operational efficiency and resource management, the Roads Authority must
integrate ICT governance with existing frameworks like financial controls, project
management, and risk management

4.4 Enabling a Holistic Approach:

Addressing ICT governance through interconnected enablers such as processes,

people, information, and technology.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 Policy Statement:
ICT governance will take a comprehensive approach, covering all enablers, including
processes, organizational structures, culture, ethics, information, infrastructure, and
people, to ensure successful ICT outcomes.

Roads Authority Needs:

Given the diversity of functions—ranging from infrastructure development to human
resources—the Roads Authority requires an integrated ICT approach that supports
every aspect of its operations.

4.5 Separating Governance from Management:

Distinguishing between governance activities (evaluation, direction, monitoring) and

management activities (planning, building, running, and monitoring).

Policy Statement:
There will be a clear distinction between ICT governance (which focuses on setting
direction, monitoring, and evaluating ICT use) and ICT management (which is
responsible for planning, building, operating, and monitoring ICT services).

Roads Authority Needs:

This separation ensures that strategic ICT oversight remains a priority while operational
efficiency in day-to-day management is maintained across the Roads Authority.

5. ICT Governance Objectives

The objectives of the ICT Governance, aligned to Cobit 5 include:

● Strategic Alignment: Ensuring ICT strategies and initiatives support RA’s strategic
objectives.

● Value Delivery: Maximizing value from ICT investments by ensuring efficient service
delivery and measurable benefits.

● Risk Management: Identifying, assessing, and mitigating ICT-related risks to protect

information assets and ensure business continuity.

● Resource Optimization: Optimizing the use of ICT resources, including financial,

technological, and human resources.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 ● Performance Management: Establishing and monitoring key performance indicators
(KPIs) to evaluate ICT effectiveness and drive continuous improvement.

6. ICT Governance Structure and Roles

The ICT governance structure and roles policy statements:

Policy Statements:

6.1 The ICT Governance Committee, shall be chaired by the CEO or a designated
Director, is responsible for providing strategic oversight and ensuring that ICT
governance aligns with the Roads Authority's strategic objectives.

The Committee includes representatives from Planning and Development, Major

Projects, Maintenance, Corporate Services, ICT, Internal Audit, and Procurement
Division.

6.2 The ICT Division shall be led by the ICT Manager, who will be tasked with the
implementation of ICT governance policies, management of ICT operations, and
ensuring that ICT activities are aligned with the Roads Authority’s strategic goals.

6.3 Departmental Heads are accountable for integrating ICT governance practices within
their respective units. They shall collaborate with the ICT Division to ensure that
departmental ICT needs are addressed and that ICT projects align with departmental
and organizational objectives.

6.4 The Internal Audit Unit shall provide independent assurance on the effectiveness of
ICT governance, risk management, and compliance with policies. The unit shall conduct
audits to evaluate the efficiency and effectiveness of ICT controls and governance
processes

7. ICT Governance Policies Descriptions

● Strategic Alignment Policy:

The Strategic Alignment Policy ensures that the ICT strategy, objectives, and initiatives
are consistently aligned with the overall business goals and strategic objectives of the
Roads Authority of Malawi.

● Value Delivery Policy:

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 The Value Delivery Policy ensures that all ICT investments, services, and initiatives
deliver measurable business value to the Roads Authority of Malawi.

● Risk Management Policy:

The Risk Management Policy ensures that ICT-related risks are effectively identified,
assessed, mitigated, and monitored to minimize their impact on the Roads Authority's
operations.

● Resource Optimization Policy:

The Resource Optimization Policy ensures the efficient use of ICT resources—
technology, human capital, and financial investments—to maximize their contribution to
the Roads Authority’s strategic objectives.

● Performance Measurement Policy:

The Performance Measurement Policy ensures that the performance of ICT systems,
services, and governance practices is regularly evaluated to verify their effectiveness in
supporting the Roads Authority’s strategic goals.

● Compliance and Assurance Policy:

The Compliance and Assurance Policy ensures that all ICT activities, processes, and
systems within the Roads Authority of Malawi comply with relevant laws, regulations,
standards, and internal policies

● Change Management Policy:

The Change Management Policy ensures that all ICT changes—whether to systems,
infrastructure, or processes—are managed in a controlled and systematic manner to
minimize disruption to operations and mitigate potential risks.

● Incident Management Policy:

The Incident Management Policy ensures a structured approach for identifying,

responding to, managing, and resolving ICT incidents that may disrupt services,
compromise data security, or affect the performance of critical systems.

● Data Privacy and Security Policy:

The Data Privacy and Security Policy ensures that the Roads Authority of Malawi
protects sensitive data from unauthorized access, use, disclosure, or loss.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 ● IT Service Management Policy:

The IT Service Management Policy establishes a framework for delivering high-quality,

efficient, and reliable IT services to meet the operational and strategic needs of the
Roads Authority of Malawi

● Vendor Management Policy:

The Vendor Management Policy ensures that all interactions with third-party vendors
and service providers are managed effectively to achieve optimal performance, mitigate
risks, and ensure alignment with the Roads Authority of Malawi's objectives

● Business Continuity and Disaster Recovery Policy:

The Business Continuity and Disaster Recovery Policy ensures that the Roads Authority
of Malawi can continue its critical ICT operations and recover swiftly in the event of a
major disruption or disaster.

8. ICT Governance Policy Statements

8.1 Strategic Alignment Policy Statement:

The Roads Authority of Malawi shall ensure that all ICT initiatives and projects are
aligned with the Authority’s strategic objectives. ICT strategies and plans must support
and enhance the organization’s mission, goals, and objectives. Regular reviews and
updates will be conducted to ensure continued alignment with evolving business needs
and priorities.
COBIT 5 Area: Align, Plan, and Organize (APO)

8.2 Value Delivery Policy Statement:

ICT investments shall be managed to maximize value and ensure effective delivery of
services. The Roads Authority of Malawi will establish and maintain processes to
evaluate, prioritize, and manage ICT projects and investments, ensuring they deliver
measurable benefits and support organizational goals. Value delivery will be monitored
through performance metrics and feedback mechanisms.
COBIT 5 Area: Deliver, Service, and Support (DSS)

8.3 Risk Management Policy Statement:

The Roads Authority of Malawi shall implement a comprehensive risk management

process to identify, assess, and manage ICT-related risks. This includes conducting

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 regular risk assessments, developing risk mitigation strategies, and monitoring risk
exposure. The organization will ensure that ICT risks are managed effectively to protect
information assets and ensure business continuity.
COBIT 5 Area: Monitor, Evaluate, and Assess (MEA)

8.4 Resource Optimization Policy Statement:

Efficient management and allocation of ICT resources shall be a priority for the Roads
Authority of Malawi. The organization will optimize the use of financial, technological,
and human resources to achieve maximum efficiency and effectiveness. Resource
planning and allocation will be guided by established priorities and performance targets.
COBIT 5 Area: Align, Plan, and Organize (APO)

8.5 Performance Measurement Policy Statement:

The Roads Authority of Malawi shall establish and monitor key performance indicators
(KPIs) to evaluate ICT performance and ensure continuous improvement. Performance
metrics will be aligned with strategic objectives and used to assess the effectiveness
and efficiency of ICT processes and services. Regular performance reviews will drive
improvements and inform decision-making.
COBIT 5 Area: Monitor, Evaluate, and Assess (MEA)

8.6 Compliance and Assurance Policy Statement:

The Roads Authority of Malawi shall adhere to all relevant laws, regulations, and
industry standards related to ICT. The organization will implement compliance
measures, conduct regular audits, and ensure that ICT controls are effective in meeting
legal and regulatory requirements. Compliance and assurance activities will be
documented and reported to relevant stakeholders.
COBIT 5 Area: Monitor, Evaluate, and Assess (MEA)

8.7 Change Management Policy Statement:

Changes to ICT systems and processes shall be managed through a structured change
management process to minimize disruption and ensure service quality. The Roads
Authority of Malawi will establish procedures for planning, approving, implementing, and
reviewing changes. All changes will be documented and communicated to affected
stakeholders.
COBIT 5 Area: Deliver, Service, and Support (DSS)

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 8.8 Incident Management Policy Statement:

The Roads Authority of Malawi shall implement an incident management process to

address ICT incidents promptly and effectively. This includes procedures for incident
detection, response, resolution, and communication. The organization will ensure that
incidents are managed to minimize impact, and learnings are used to prevent future
occurrences.
COBIT 5 Area: Deliver, Service, and Support (DSS)

8.9 Data Privacy and Security Policy Statement:

The Roads Authority of Malawi is committed to protecting the confidentiality, integrity,

and availability of data. The organization shall implement data privacy and security
measures to safeguard sensitive information and comply with data protection
regulations. Access controls, data encryption, and secure data management practices
will be enforced to prevent unauthorized access and data breaches.
COBIT 5 Area: Deliver, Service, and Support (DSS)

8.10 IT Service Management Policy Statement:

The Roads Authority of Malawi shall ensure the effective management and delivery of
IT services through well-defined IT service management processes. Service delivery
will be monitored against agreed-upon service levels, and continuous improvement
initiatives will be implemented to enhance service quality.
COBIT 5 Area: Deliver, Service, and Support (DSS)

8.11 Vendor Management Policy Statement:

The Roads Authority of Malawi shall establish vendor management processes to

ensure that third-party services and products meet the organization’s requirements. The
organization will select, monitor, and evaluate vendors based on performance,
compliance, and risk management criteria. Contract management and performance
reviews will be conducted regularly to ensure vendor performance aligns with
organizational needs.
COBIT 5 Area: Align, Plan, and Organize (APO)

8.12 Business Continuity and Disaster Recovery Policy Statement:

The Roads Authority of Malawi shall implement business continuity and disaster
recovery plans to ensure the resilience of ICT systems and services. These plans will
include strategies for maintaining critical operations during disruptions and recovering

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 from disasters. Regular testing and updates will ensure the effectiveness of these
plans.
COBIT 5 Area: Deliver, Service, and Support (DSS)

10. Compliance and Monitoring

The Roads Authority of Malawi shall ensure compliance with this ICT Governance Policy
through regular audits, reviews, and performance monitoring. The Internal Audit Unit will provide
independent assurance on the effectiveness of ICT governance practices, and compliance
reports will be submitted to the ICT Governance Committee and senior management.

11. Review and Updates

This ICT Governance Policy will be reviewed annually or as needed to reflect changes in the
organization’s strategic objectives, ICT environment, or regulatory requirements. All updates will
be approved by the ICT Governance Committee and communicated to relevant stakeholders.

12. Policy Enforcement

Non-compliance with this policy may result in disciplinary action, including termination of
employment or contract. The Roads Authority of Malawi will enforce this policy through training,
awareness programs, and regular monitoring.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
13. Appendices

Appendix A: Governance Policy Matrices

● Strategic Alignment Matrix

● Risk Management Matrix
● Performance Measurement Matrix
● Mapping of COBIT 5 Processes to RA’s ICT Governance Objectives matrix

Appendix A: Strategic Alignment Matrix

Area Objective Current Gaps/Issues Actions Responsible
Status Required Party

Project Planning Ensure projects Inconsistent Some projects not Develop project Planning
align with strategic alignment aligned with goals alignment criteria Department
goals

Resource Allocate resources Adequate Misalignment in Review and Corporate

Allocation to strategic allocation some areas adjust resource Services (ICT)
priorities allocation

Performance Monitor progress Limited Insufficient KPIs Implement robust Major Projects
Tracking against strategic tracking and tracking performance Department
objectives methods tracking

Stakeholder Align ICT initiatives Partial Some stakeholder Conduct regular Public Relations
Engagement with stakeholder alignment needs unmet stakeholder Unit
needs reviews

Appendix B: Risk Management Matrix

Risk Area Risk Impact Likelihood Current Mitigation Responsible
Controls Actions Party

Cybersecurity Data breaches High Medium Firewalls, anti- Enhance ICT Division
and virus software security
cyberattacks protocols and
training

System ICT system High Low Regular Improve ICT Division

Failures outages maintenance, redundancy
backup systems and recovery
procedures

Compliance Non-compliance Medium Medium Regular audits, Conduct more Internal Audit
with regulations compliance frequent Unit
checks compliance
reviews

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Vendor Risks Issues with Medium Low Vendor Strengthen Procurement
third-party evaluation vendor Division
vendors procedures contracts and
monitoring

Appendix C: Performance Measurement Matrix

Performance KPI Target Current Analysis Improvement Responsible
Area Performance Actions Party

Project Percentage 90% 85% Slightly below Implement Major Projects

Delivery of projects target stricter project Department
completed management
on time practices

Resource Utilization 95% 90% Efficient but Optimize Corporate

Utilization rate of ICT with room for resource Services (ICT)
resources improvement allocation

Service Quality User 80% 75% Below Enhance IT Service

satisfaction expectations service support Management Unit
score and user
training

Incident Average 4 hours 5 hours Slightly longer Streamline ICT Division

Response incident than target incident
resolution response
time procedures

Appendix D: COBIT 5 Reference Model

Mapping of COBIT 5 Processes to RA’s ICT Governance Objectives

COBIT 5 Process Description RA’s ICT Alignment Explanation
Governance
Objective

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
APO01 - Manage the IT Establish and maintain an Strategic Alignment This process ensures that RA's ICT
Management IT management framework governance framework is aligned with
Framework to ensure alignment with its strategic goals and objectives,
business goals. bridging the gap between IT and
business strategies.

APO02 - Manage Define and maintain the IT Strategic Alignment, Helps RA align ICT strategies with
Strategy strategy to support Value Delivery organizational strategies and ensure
organizational strategies that ICT investments drive value by
and objectives. supporting key business initiatives
and objectives.

APO03 - Manage Define and maintain the Strategic Alignment Ensures that the architecture
Enterprise Architecture enterprise architecture to supporting RA’s ICT infrastructure
support the IT strategy. aligns with its strategic goals,
facilitating efficient and effective IT
operations.

APO05 - Manage the IT Optimize and manage the Value Delivery, Focuses on managing ICT
Investment IT investments to maximize Resource investments to ensure value is derived
value delivery. Optimization from these investments, optimizing
resource use, and enhancing overall
efficiency.

APO12 - Manage Risk Identify and manage IT- Risk Management Provides a structured approach to risk
related risks to ensure that identification and management,
IT-related risks are ensuring that RA can address and
addressed. mitigate ICT-related risks effectively.

BAI01 - Manage Manage IT programs and Value Delivery, Ensures that ICT projects are
Programs and Projects projects to ensure they Strategic Alignment managed effectively to deliver value
meet business needs. and align with RA’s strategic
objectives, supporting successful
project execution.

BAI02 - Manage Define and manage IT Strategic Alignment, Ensures that ICT requirements are
Requirements requirements to ensure Value Delivery well-defined and align with RA’s
Definition they meet business needs. business needs, driving value through
effective solution implementation.

BAI03 - Manage Build and deliver IT Value Delivery Focuses on the development and
Solutions Identification solutions to meet business deployment of IT solutions that meet
and Build needs. the defined requirements and deliver
value to the organization.

DSS01 - Manage Manage IT operations to Performance Ensures effective management of IT

Operations ensure service delivery Measurement, IT operations to maintain service quality,
and performance. Service Management monitor performance, and achieve
continuous improvement.

DSS02 - Manage Handle service requests Incident Provides a structured approach to

Service Requests and and incidents to minimize Management, IT managing service requests and
Incidents impact on operations. Service Management incidents, ensuring prompt resolution
and minimizing operational impact.

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
 DSS04 - Manage Ensure IT continuity and Business Continuity Focuses on planning and maintaining
Continuity disaster recovery planning. and Disaster business continuity and disaster
Recovery recovery measures to protect RA’s
ICT operations during disruptions.

MEA01 - Monitor, Evaluate the performance Performance Provides a framework for monitoring
Evaluate, and Assess and compliance of IT Measurement, and assessing IT performance and
Performance processes. Compliance and compliance, ensuring alignment with
Assurance governance standards and continuous
improvement.

MEA02 - Monitor, Evaluate the effectiveness Compliance and Ensures that internal controls are
Evaluate, and Assess of internal controls over IT. Assurance effective in managing and
the System of Internal safeguarding IT processes and
Control assets, maintaining compliance with
relevant standards and regulations.

This document provides a comprehensive, high-quality ICT Governance Policy for the Roads
Authority of Malawi, grounded in the principles of COBIT 5, and tailored to the organization’s
unique needs and challenges.

Revision History of the ICT Governance Policy

Date Revision Description of Revision(s)

Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.

Confidential
Copyright Statement © [2024] Roads Authority of Malawi. All rights reserved.
Confidential