Show simple item record

dc.contributor.authorNjoroge, Patrick Macharia
dc.contributor.authorOgalo, James
dc.contributor.authorRatemo, Cyprian Makiya
dc.date.accessioned2023-03-13T09:05:59Z
dc.date.available2023-03-13T09:05:59Z
dc.date.issued2020
dc.identifier.citationInternational Journal of Social Sciences and Information Technologyen_US
dc.identifier.issn2412-0294 Vol IV Issue X, O
dc.identifier.urihttps://www.ijssit.com/main/wp-content/uploads/2019/10/Framework-For-Effective-Information-Security-Risk-Management-In-Kenyan-Public-Universities.pdf
dc.identifier.urihttps://karuspace.karu.ac.ke/handle/20.500.12092/2813
dc.descriptionEffective information security risk management in Kenyan Public Universitiesen_US
dc.description.abstractWith the universities increasingly depending on information and communication technology to execute their core operations and functionalities, their exposure to growing cyber threats is inevitable and hence unprecedented security risks. With the security risks reportedly growing day by day many universities are reported to be unable to effectively respond to or guard against them. The study objectively sought to determine the security requirements which were important for asset protection in the Kenyan public universities, establish currently implemented security practices, identify vulnerabilities and threats to assets, establish the risk control measures, and develop an effective information security risk management framework for Kenyan public universities. The target population was Kenyan public chartered universities, which were clustered into two, and simple random and purposive sampling techniques were employed for sample selection. The questionnaires were administered to the information and communication technology professionals in the universities. The results indicated that accountability and authenticity were established as strong and important security requirements to incorporate in universities security risk evaluations, with mean values of 4.62 and 4.85 respectively out of the possible value of 5 and they had high factor loading into the extracted component of 0.951 and 0.908 respectively. Further, the universities were aware of the risks they were facing, which should have informed their protection strategies and their risk mitigation plans. However, there was notable deficiency in implementation of controls, which would match the identified risks and therefore, the adoption of the proposed framework would assist universities address the deficiencies identified and reduce if not eliminate the susceptibility to the information security risks.en_US
dc.language.isoenen_US
dc.publisherLAP LAMBERT Academic Publishingen_US
dc.subjectInformation Security Risk Managementen_US
dc.subjectThreatsen_US
dc.subjectVulnerabilitiesen_US
dc.subjectRisksen_US
dc.titleA Framework for Effective Information Security Risk Management: In Kenyan Public Universitiesen_US
dc.typeArticleen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record