Assessment of Information Systems Security Management in Selected Public Organizations in Ethiopia: a Gap Analysis
No Thumbnail Available
Date
2020-06-06
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
The purpose of this research was to evaluate the Information Security Sector management
(ISSM) implementation and find the gap analysis in four federal public organizations in
Ethiopia. This study examined the practices and implementation, the trends regarding ISSM
with particular reference with MOFED, MOR, TECHIN, and ESSTI. In terms of research
methodology qualitative approach and multiple case study approach was employed. In this
study, both primary and secondary sources of data were used. Subsequently, key informant
interviewing and document analysis and observation were used to collect data. Qualitative
method used as data analysis techniques as well as the interview were mainly used. This
study identified numerous and examined the gaps in ISSM implementation in practice in
public sector in the organizations and the way forward. This study further, examined the
repercussions based on international ISO standards. The finding of the study revealed that
the general gaps in ISS, lack of experienced human resource in the field, unable to
implement an IT system, lack IT policy, lack of training, lack of user side understanding
Violating Rules and regulations.
Description
Keywords
Information System Security, Information System Security Management, Information System Security Management Framework