The Technical and Vocational Education and Training Curriculum Development, Assessment and Certification Council (TVET CDACC) has rolled out a new digital security system that will significantly change how assessment centres access and use the Council’s online portal.
In a circular dated March 3, 2026, and addressed to principals of national polytechnics, technical training institutes, technical and vocational colleges, private colleges, Vice Chancellors of universities implementing Competency-Based Education and Training (CBET), and managers of vocational training centres, the Council announced the implementation of a Role-Based Access Control (RBAC) framework at assessment centre level. The notice was signed by the Council’s Chief Executive Officer (CEO) Prof. Kisilu Kitainge.
What the new system means
The Council said its ICT department has successfully implemented the RBAC framework on the centre-side of the TVET CDACC portal. Basically, Role-Based Access Control (RBAC) is a system that limits what a person can see or do on a digital platform depending on their job.
ALSO READ:
Court orders NSSF to refund teachers Sacco in illegal land sale
This means an officer responsible for entering marks, for example, will not automatically have access to payment records or staff management sections unless officially assigned. Access will now depend strictly on approved roles.
According to the Council, the move is aimed at strengthening system security, improving accountability and preventing unauthorised access to sensitive sections such as assessment tools and marks entry. It is also meant to ensure compliance with governance and data protection requirements.
Portal sections affected
Under the new framework, access to portal modules will be assigned based on defined roles. The affected sections include the dashboard, candidate profiles, roles management, staff management, assessment registrations, continuous mark entry, summative mark entry, payments, purchase catalogue, assessment tools download section, re-assessments, reports, assessment results, credit transfers and the helpdesk.
Some sections will only allow viewing, while others will allow adding or editing information depending on the officer’s approved responsibilities.
What institutions must do
TVET CDACC has directed all institutions to complete an RBAC Nomination Form. The form must indicate the officer’s full name, official email address, designation and assigned role or modules. It must also be signed by the Centre Manager and stamped with the official institutional stamp.
The duly completed form must be submitted to the Council via the official emails provided in the circular on or before Friday, March 6, 2026.
Warning on non-compliance
Institutions have been warned that failure to comply with the directive will result in suspension of access to the portal. The Council further clarified that only officers who are formally nominated and approved will retain access to their assigned modules.
Any existing access that does not align with approved roles will be revoked.
By Benedict Aoya
You can also follow our social media pages on Twitter: Education News KE and Facebook: Education News Newspaper for timely updates.
>>> Click here to stay up-to-date with trending regional stories
>>> Click here to read more informed opinions on the country’s education landscape
