Factors influencing the level of information security practice in state corporations: a case of Ministry of Industrialization, Kenya
View/ Open
Date
2012Author
Okoth, Washington O
Type
ThesisLanguage
en_USMetadata
Show full item recordAbstract
The pursuit of information security is characterized by practices aimed at maintaining a desired level of Confidentiality, Integrity, and Availability of information systems and assets. Rapid development of automation processes and the penetration of the computers in all fields of life have led to appearance of a range of peculiar problems. One of these problems is the necessity of providing effective protection to information. This research work was investigating the factors influencing the level of Information Security practice in state corporations in Kenya.
Information Security Practices and guidelines will play a key role in identifying the factors that influence their effective implementation. With the level of information security in state corporations in Kenya in mind, the researcher explored the factors that influence the level of information security in these organizations as they implement the information security practices and guidelines. Variables such as access control mechanisms, information security management tools and technology usage, human factors in information security, security infrastructure, government regulation and past security breaches were examined so as to ascertain the level of information security derived.
The findings have indicated that access control mechanisms, human factors in information security, information security management tools and technology usage and availability of security infrastructure all influences the level of information security practice in state corporations. The state corporations need to strengthen the effective implementation of the information security practices in Kenya to be able to protect their information assets as well as comply with regulatory requirements.
The study has revealed that there is need to improve on areas such as screening of information security teams, development of information security policy, development and implementation of business continuity plan and disaster recovery plans, allocation of adequate budget and conformity to regulatory requirements.
Publisher
University of Nairobi, Kenya
Collections
- Faculty of Education (FEd) [5964]