Assessment of Information Systems Security Management in Selected Public Organizations in Ethiopia: a Gap Analysis
No Thumbnail Available
Date
2020-06-06
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
The purpose of this research was to evaluate the Information Security Sector management (ISSM) implementation and find the gap analysis in four federal public organizations in Ethiopia. This study examined the practices and implementation, the trends regarding ISSM with particular reference with MOFED, MOR, TECHIN, and ESSTI. In terms of research methodology qualitative approach and multiple case study approach was employed. In this study, both primary and secondary sources of data were used. Subsequently, key informant interviewing and document analysis and observation were used to collect data. Qualitative method used as data analysis techniques as well as the interview were mainly used. This study identified numerous and examined the gaps in ISSM implementation in practice in public sector in the organizations and the way forward. This study further, examined the repercussions based on international ISO standards. The finding of the study revealed that the general gaps in ISS, lack of experienced human resource in the field, unable to implement an IT system, lack IT policy, lack of training, lack of user side understanding Violating Rules and regulations.
Description
Keywords
Information System Security, Information System Security Management, Information System Security Management Framework