Information technology post implementation practices and operational risk minimization in public hospitals in Kenya
Abstract
This study was carried out to establish the relationship between IT post implementation
practices and IT operational risk minimization among the public hospitals in Kenya. The
study had three objectives: To establish the IT post implementation practices in public
hospitals in Kenya; to identify the existing IT operational risks in public hospitals in
Kenya; to determine the relationship between IT post implementation practices and IT
operational risk minimization among public hospitals in Kenya. The study used the crosssectional
survey. A census survey was carried out in all hospitals in the selected six
counties and data collected from the respondents through a closed questionnaire. Data
collected for objectives one and two was analyzed using mean scores while data for
objective three was analyzed using multiple regression analysis. The study revealed that
IT systems have been in use for an average of 3 years in the public hospitals. The results
show that due to the inadequacy of IT post implementation practices adopted, the level of
exposure of IT systems to IT operational risk is high; there is lack of hospital-wide IT
policies and procedures and finally there is an inverse relationship between IT post
implementation practices and IT operational risk minimization in public hospitals. The
study recommends that hospitals implement comprehensive policies and procedures to
guide IT operations, and address IT security and control issues. It is also recommended
also that IT system changes and updates be documented. Finally, it is recommended that
the hospital management take advantage of the accumulated knowledge on IT systems to
provide leadership towards enacting appropriate institutional risk strategy and risk
management framework
Publisher
University of Nairobi