CERT-GH RFC 2350 Profile
1. Document Information
This document complies with RFC 2350.
1.1. Date of Last Update
This is version 2.0 as of October 2, 2021.
1.2. Distribution List for Notifications
CERT-GH will not plan frequent modifications to this document, thus
see section 1.3 for the download location
1.3. Locations where this Document May Be Found
The current version of this profile is available at
2. Contact Information
2.1. Name of the Team
Full name: Ghana National Computer Emergency Response Team
Short name: CERT-GH
3rd Floor, NCA Tower,
6 Airport By-pass Road
Digital Address: GL-126-7029
2.3. Time Zone
CERT-GH provides 24-hour incident response service.
3rd Floor, NCA Tower.
Greenwich Meantime (GMT).
2.4. Telephone Number
CERT-GH emergency local mobile: +233 (303) 972531
CERT-GH emergency international mobile: +233 (303) 972530
2.5. Facsimile Number
2.6. Other Telecommunication
2.7. Electronic Mail Address
Report cybersecurity incidents to report [@t]
2.8. Public Keys and Encryption Information
CERT–GH has a PGP key with fingerprint: 0A3E 73BC 0A1B 8B12 9F3C
8AB7 46D2 76A4 AD38 7498
2.9. Team Members
Information about team members is available upon request.
2.10. Other Information
For additional information about CERT-GH, visit
2.11. Points of Customer Contact
Phone: 0503 185 846
Online form: https://csa.gov.gh/report
SMS Shortcode: 292 (Ghana Only)
Cyber Security Authority (CSA-Gh) Mobile App (Android and
3.1. Mission Statement
CERT-GH provides information and assistance to its constituents for
implementing proactive measures to reduce the risks of computer
security incidents. It also provides reactive services when
cyber-attacks occur to reduce their impact. Finally, it builds
capacity and training on incident management to its
Sectorial CERTS (National Security, Financial, Telecommunication,
Education, Government, Military, Business, Industrial & Commercial
3.3. Sponsorship and/or Affiliation
CERT-GH is a unit under the Cyber Security Authority of
the Ministry of Communications and Digitalisation
CERT-GH is affiliated to Council of Europe (GLACY+), UNICEF,
Ghana-US Cooperation (SGI), Microsoft
CERT-GH is also a member state of the Budapest Convention
(Convention on Cybercrime).
CERT-GH has the authority to oversee and make recommendations
regarding cybersecurity events and incident mitigation. CERT-GH will
execute its duties as outlined within the scope of its charter,
informed by applicable laws, regulations, directives, and additional
assignments as indicated by the Cyber Security Advisor.
Policies are currently under review
4.1. Types of Incidents and Level of Support
All incidents are considered normal priority unless they are labeled
4.2. Cooperation, Interaction, and Disclosure of Information
All incoming information is handled confidentially by CERT-GH,
regardless of its priority.
When reporting a sensitive incident, please state so explicitly (for
example, by using the label SENSITIVE in the subject field of email)
and, if possible, use encryption as well.
CERT-GH supports the Information Sharing Traffic Light Protocol
(ISTLP; see https://www.first.org/tlp/docs/tlp-v1.pdf). Information
that arrives with the tags WHITE, GREEN, AMBER, or RED will be
4.3. Communication and Authentication
See section 2.8; In cases that involve sensitive information, use of
PGP/GnuPG is highly recommended.
5.1. Incident Response
5.1.1 Incident Triage
Investigating whether indeed an incident occurred.
Determining the extent of the incident.
5.1.2 Incident Coordination
Determining and contacting the involved organizations.
Facilitating contact with other parties including law enforcement,
Asking for reports and/or composing reports, depending on the
involved organizations, incident type and severity.
Communicating with media, if necessary.
5.1.3 Incident Resolution
Advising the involved organization(s) on appropriate measures.
Following up the incident solution process.
Collecting evidence and interpreting data, if applicable.
5.2. Proactive Activities
CERT-GH collaborates with Shadowserver foundation.
Providing relevant information on threats, trends and remedies to
their constituency (and/or media, if necessary) to raise security
awareness and competence.
Collecting contact information of sectorial CERT teams.
Providing for a community building and information exchange within
6. Incident Reporting Forms
Refer to section 2.11
While every precaution will be taken in the preparation of
information, notifications and alerts, CERT-GH assumes no
responsibility for errors or omissions, or for damages resulting
from the use of the information contained within.