European Journal of Computer Science and Information Technology (EJCSIT)

EA Journals

Information Systems Security Risk Management (ISSRM) Model in Kenyan Private Chartered Universities

Abstract

This paper proposes a risk management model that can allow universities implement secure information systems. Specifically the paper appraises IS security in the universities and their requirements with a focus on how IS security risks can be managed. The appraisal assisted the researchers to understand the effectiveness of information security management in institutions of higher learning in Kenya. From the survey we carried out, it’s clear that the universities face serious IS security challenges. Based on the issues identified as affecting information security management and the role they play to ensure secure systems at the universities, we propose recommendations to improvements in information security management in institutions of higher learning. This paper proposes an encompassing model to organize specific aspects of ISSRM as per the ISO/IEC 27001:2013 standard and structures this model by borrowing from the STOPE (Strategy, Technology, Organization, People, Environment) view of information systems security risk management.

Keywords: ISO/IEC 27001:2013, Information systems security, Private Universities, risk management model

cc logo

This work by European American Journals is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 Unported License

 

Recent Publications

Email ID: editor.ejcsit@ea-journals.org
Impact Factor: 7.80
Print ISSN: 2054-0957
Online ISSN: 2054-0965
DOI: https://doi.org/10.37745/ejcsit.2013

Author Guidelines
Submit Papers
Review Status

 

Scroll to Top

Don't miss any Call For Paper update from EA Journals

Fill up the form below and get notified everytime we call for new submissions for our journals.