Browsing by Author "Sawenge, Lyeme"

Now showing 1 - 1 of 1
  • No Thumbnail Available
    Item
    Risk and security controls management in ict: a study of knowledge of implementation in Tanzania
    (University of Dar es Salaam, 2008) Sawenge, Lyeme
    The purpose of this research was to study the extent of knowledge of implementation of most organizations' users in managing ICT risk and security controls for improved economic production, thus in turn to be used for developing workable guidelines. Data collected through interviews and questionnaires from organizations were analysed using Microsoft Excel. Results show that the surveyed organizations were facing insufficient knowledge and technical personnel for implementation of necessary security controls as very few (27%) were doing only occasional trainings, leading to few used and knew existing policies/guidelines, attacks of information and assets including protection and detection. E.g. only 37% of them used licensed software for updates, only 22% were budgeting for security controls and no any Systems Administrator was involved in designing and formulating of organization's policies. This resulted into loss of: services, valuable data and assets, hence not meeting the set objectives. The developed workable guidelines will help most organizations' users in managing ICT risk and security controls. Therefore, research emphases the set abolishment of policy framework addressing classes of critical data and assets, aiming at security controls. It also emphases the frequent trainings of all users for awareness and knowledge on; policies, guidelines, threats and security controls. To support all this, all organisations have to support financially the ICT security controls, and thus involvement of the Systems Administrators in designing and formulating the policies have to be emphasised for improved economic production.