dc.contributor.author | Njoroge, Patrick Macharia | |
dc.contributor.author | Ogalo, James | |
dc.contributor.author | Ratemo, Cyprian Makiya | |
dc.date.accessioned | 2023-03-13T09:05:59Z | |
dc.date.available | 2023-03-13T09:05:59Z | |
dc.date.issued | 2020 | |
dc.identifier.citation | International Journal of Social Sciences and Information Technology | en_US |
dc.identifier.issn | 2412-0294 Vol IV Issue X, O | |
dc.identifier.uri | https://www.ijssit.com/main/wp-content/uploads/2019/10/Framework-For-Effective-Information-Security-Risk-Management-In-Kenyan-Public-Universities.pdf | |
dc.identifier.uri | https://karuspace.karu.ac.ke/handle/20.500.12092/2813 | |
dc.description | Effective information security risk management in Kenyan Public Universities | en_US |
dc.description.abstract | With the universities increasingly depending on information and communication technology to
execute their core operations and functionalities, their exposure to growing cyber threats is inevitable and
hence unprecedented security risks. With the security risks reportedly growing day by day many universities
are reported to be unable to effectively respond to or guard against them. The study objectively sought to
determine the security requirements which were important for asset protection in the Kenyan public
universities, establish currently implemented security practices, identify vulnerabilities and threats to assets,
establish the risk control measures, and develop an effective information security risk management framework
for Kenyan public universities. The target population was Kenyan public chartered universities, which were
clustered into two, and simple random and purposive sampling techniques were employed for sample selection.
The questionnaires were administered to the information and communication technology professionals in the
universities. The results indicated that accountability and authenticity were established as strong and
important security requirements to incorporate in universities security risk evaluations, with mean values of
4.62 and 4.85 respectively out of the possible value of 5 and they had high factor loading into the extracted
component of 0.951 and 0.908 respectively. Further, the universities were aware of the risks they were facing,
which should have informed their protection strategies and their risk mitigation plans. However, there was
notable deficiency in implementation of controls, which would match the identified risks and therefore, the
adoption of the proposed framework would assist universities address the deficiencies identified and reduce if
not eliminate the susceptibility to the information security risks. | en_US |
dc.language.iso | en | en_US |
dc.publisher | LAP LAMBERT Academic Publishing | en_US |
dc.subject | Information Security Risk Management | en_US |
dc.subject | Threats | en_US |
dc.subject | Vulnerabilities | en_US |
dc.subject | Risks | en_US |
dc.title | A Framework for Effective Information Security Risk Management: In Kenyan Public Universities | en_US |
dc.type | Article | en_US |