• Login
    View Item 
    •   UoN Digital Repository Home
    • Theses and Dissertations
    • Faculty of Science & Technology (FST)
    • View Item
    •   UoN Digital Repository Home
    • Theses and Dissertations
    • Faculty of Science & Technology (FST)
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    An E-Corruption Control Framework For The Kenya Public Sector

    Thumbnail
    View/Open
    Fulltext (1.847Mb)
    Date
    2015
    Author
    Kizito, Thomas
    Type
    Thesis; en_US
    Language
    en
    Metadata
    Show full item record

    Abstract
    Information security is subjective and contextual therefore, every organizations approach to a security strategy should be different and customized accordingly, because each organization has its own threats risks and business drivers. Threats to organizational Information and Information Systems are increasing in occurrence and in complexity and this emphasizes the need to have control frameworks in place to prevent ecorruption and to better protect information. To improve governance of IT and comply with regulatory standards, institutions are using best practice control frameworks. One of these frameworks is COBIT (Control Objectives for information and related Technology). COBIT provides guidance on what is to be done within a Technology reliant institution in terms of control, activities, measures and documentation. This framework is however generic and requires specific knowledge. The ISO/IEC 27001 –an information security management framework – was also a studied, but it too like its counterpart, the COBIT, fell short as it was also generic. A COGIT (Common Objectives for Government and Information Technology) framework developed by David Gisora, 2012 which was a derivative of the COBIT model proposed security measures based on eight processes and thirty activities. It covers broad areas of IT governance which are included in the four domains as per the COBIT framework. This framework was specific to government initiatives but it lacked an essential component: internal benchmarks as a process. The research methodology that was adopted was an exploratory study. The population of interest was parastatals in the following ministries: Ministry of Health, Education, Finance, Justice and constitutional affairs, information and communication. Purposive sampling was used with targeted interviews to ICT officers who are custodians of information systems in the different ministries. Data was analyzed by use of descriptive statistics such as percentages, bar charts, frequency distribution tables. The research established that the ministries faced a number of challenges in relation to implementing information security for controlling e-corruption. There seems to be no coordination between ministry staff and IT staff on the role and importance of information. The Key recommendations included the need for management to fully understand that e-corruption control needs to be prioritized and that benchmarks, policies and regulations need to be aligned with the associated risks involved. An implementation e-corruption control framework was developed and was recommended for use to the government.
    URI
    http://hdl.handle.net/11295/90949
    Publisher
    University of Nairobi
    Collections
    • Faculty of Science & Technology (FST) [3794]

    Copyright © 2019 
    University of Nairobi Library
    | UoN Quality Policy | Send Feedback
     

    Browse

    All of UoN Digital RepositoryCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    LoginRegister

    Copyright © 2019 
    University of Nairobi Library
    | UoN Quality Policy | Send Feedback