dc.description.abstract | Information systems are vulnerable to a variety of attacks such as power shortages, disk failure,
equipment destruction, fire and terrorist attack. It is therefore important to undertake IS
contingency planning to safeguard against loss caused by such attacks. The study was to develop
a model information systems contingency plan for universities. A cases study of the University
of Nairobi was taken.
The study was conducted through a cross sectional descriptive case study. A questionnaire was
used to collect primary data from the selected population. One questionnaire was administered to
end users of information systems at the University of Nairobi. A different questionnaire was
administered to the technical staff. The population of the study was all the end users of
information systems at the University of Nairobi and 112 technical staff who work at the ICT
Center. Applying a formula for determining sample size, a sample of 68 end users and 68
technical staff were selected using stratified sampling.
Findings from end users indicated that business impact analysis, recovery strategies formulation,
plan testing, conducting staff awareness program and plan maintenance are crucial steps in
coming up with an IS contingency plan. The study found out that the most critical information
systems at the University of Nairobi were the Student Management Information System,
followed by Human Resource Management Information System and the Financial Management
System.
The minimum IT resources that are required to support the critical information systems include;
authentication server, web server which supports the three critical IS systems identified (SMlS,
HRMlS, FIMS), database server, e-mail server, student database, LANIWAN with associated
routers, hubs and fiber connections, and power supply. The study developed an IS contingency
plan which incorporated the BIA output, recovery procedures and plan appendices. | en |