| dc.description.abstract | Many organizations continue to grow in numbers by the day in adopting use and adoption of ICT in day to day business processes and so are the rising trends in cyber insecurity. Securing information systems against myriad spectrum of threats requires use of multiple, overlapping protection approaches addressing people, technology and operational processes. ICT policies are put in place in institutions to provide guidelines and standards on what is acceptable and what is not as regards to use of ICT systems. In spite of these ICT policies, numerous instances all over the world have been reported whereby university systems were compromised and university information exposed to other third parties or malicious activities or unintentional errors. According to a report published by Oracle (2008), there have been hundreds of data breaches costing millions of dollars and damaging universities’ reputation. There is no evidence that research has been carried out in the past to assess the level of compliance to ICT security policies by the institutions of higher learning. This study therefore sought to bridge this gap by means of a survey, to investigate and describe the level of compliance to ICT security policies in terms of confidentiality and availability in Universities in Kisumu and Siaya Counties, Kenya. | en_US |
