Factors influencing post implementation system security of management information systems: a case study of Nairobi city water and sewerage company, Nairobi county, Kenya

Abstract

Security is a pre-requisite for any IT undertaking in a company. Although post-implementation activities are critical for the acceptance of and security of the management information systems (MIS), post-implementation strategies are, however, not emphasized in most MIS projects, because conventional project management methodologies consider that a project is over when the system or facility is operating. Requirements of MIS tend to change continuously even after the completion of the project. Some factors that pose as the greatest challenge after the implementation of management information systems include lack of senior management commitment to information security initiatives, failure of management to understand the information security issues, lack of information security planning prior to implementation of new technologies and lack of Integration between business and information security. The purpose of this study was to assess the factors effecting system security post implementation of management information system at NCWSC. The propose study adopted a case since it is a research on one organization. The target population of this study was the one hundred and twenty one management staff working at NCWSC. Stratified proportionate random sampling technique was used to select the sample of 30 managers. The study used both primary and secondary data. Primary data was obtained through self-administered questionnaires with closed and open-ended questions and an interview schedule. A descriptive analysis was employed in analyzing the quantitative data. Content analysis was used for data that is qualitative nature or aspect of the data collected from the open ended questions and the interview guides. The study found that system environment and database exposure affected information system security in the company to a very great extent (65%). It was clear that the quality of the software application(MIS) affected information system security in the company to a very great extent (75%) and end user effect affected information system security in the company to a very great extent (70%). The study concludes that MIS effectiveness is a function of environmental factors, design factors i.e. the quality of the software, the system end users and internal and external processes. The study recommends that companies should develop and implement a good information systems policy to ensure quality control of the data stored in their system.