| dc.description.abstract | Today, almost all organizations around the world are using Information Communication Technology (ICT) in their daily business. An lCT policy safeguards Confidentiality, Integrity and Availability (ClA) of Information Systems and ensures business continuity. This study sought to assess the level of compliance by Universities to their ICT security policies by assessing the three pillars of IT security: the CIA. Literature review on Confidentiality, Integrity and Availability of information Systems as well as international standards and regulations such as HIPAA, FERPA, SOX and ISO 270003 that touch on CIA was carried out. A cross-sectional survey study design incorporated self-administered quantitative and qualitative research that was carried out in eight campuses within Kisumu and Siaya Counties. The survey was conducted on universities that gave authorization of the survey to go on. Stratified sampling method was used to arrive at the right population of respondents in the universities. The study targeted ten campuses within the two counties but only eight authorized the study. The findings of this study reveals that overall compliance ratings in the three key pillars of IT security were below 50% on compliance ratings with confidentiality at 33.9%,integrity at 30% and availability at 36%. This study contributes to policy, practice and theory at county and individual level in two ways. Firstly it came up with empirical data on state of compliance to JCT policies in universities and secondly it will provide the government and the institutions' management with an objective profile of issues and a proactive approach that can solve the issues in cost effective manner. | en_US |
