Examining Information Security Controls in the Human Resource Department of Kampala International University, Uganda from 2013-2018.

ABSTRACT 

The research study was based on examining informatiOn security contrOls in the Human Resource Department of KIU, Uganda. The objectives of the study were; to analyze the information security controls in the Human Resource department of Kampala International University, to explore the extent of compliance to information security objectives at Kampala International University, to investigate the challenges of information security at Kampala International University, and also to ascertain if there was a significant relationship between challenges of information security ofrecords and security objectives at Kampala International University. A correlation study was used to establish if there was a significant relationship between challenges of information security and security objectives at Kampala International University. This was because the study focused on establishing if there was a significant relationship between challenges of information security and security objectives in Kampala International University. A sample size of 65 respondents was taken from the target population of 78 respondents using the solvens formula; data was analyzed using. Statistical Package for Social Scientists (SPSS) version 16.0. Pearson Linear Correlation Co-efficiency (PLCC) was used to establish if there is a significant relationship between challenges of information security and security objectives at KIU. The study found out that there was no significant relationship between challenges of information security of records and security objectives in KIU. The level of significance was 0.460 which implied that there was no significant relationship between challenges of information security and security objectives in KIU. The null hypothesis was accepted and the alternate hypothesis was rejected. This therefore caused the researcher to suggest the following recommendations: KIU; should ensure that information is not disclosed to unauthorized persons by ensuring that there is tight security in information based areas, should protect information from being modified by unauthorized parties by ensuring password usage, should maintain an ongoing awareness of attack threats through security information sources, should educate its employees in safe computing practices, such as installing anti-virus software on servers and desktops.



TABLE OF CONTENTS

DECLARATION

APPROVAL

DEDICATION iii,

ACKNOWLEDGEMENT iv

TABLE OF CONTENTS v

LIST OF TABLES viii

LIST OF FIGURES ix

LIST OF ACRONYMS x

ABSTRACT xii

CHAPTER ONE 1

INTRODUCTION 1

1.0 Background of the study 1

1.1 Statement of the problem 3

1.2 General objective 4

1.3 The Specific Objectives 4

1.5 Hypotheses 5

1.6 Scope 5

1.6.1 Conceptual scope 5

1.6.2 Geographical scope 5

1.6.3 Theoretical scope 6

1.6.4Timescope 6

1.7 Significance~of the study

1.8 Operational definition of key terms 6

CHAPTER TWO .7

LITERATURE REVIEW

2.0 Introduction 7

2.1 Theoretical review 7

2.2 Conceptual framework 8

2.3 Information security 11

2.4 Information security objectives 20

2.5 Information security controls 26

2.6 Information security challenges 28

2.7 Related studies 30

2.8 Research gap 32

CHAPTER THREE 33

METHODOLOGY 33

3.0 Introduction 33

3.1 Research design 33

3.2 Research population 33

3.3 Sample size 34

3.4 Sampling procedure 35

3.5 Research instrument 35

3.6 Validity 36

3.7 Reliability 37

3.8 Data gathering procedures 38

3.9 Data analysis 38

3.10 Ethical considerations 38

3.11 Limitations .39

3.12 Delimitations 38

CHAPTER FOUR 40

DATA PRESENTATION AND ANALYSIS 40

4.0 Introduction 40

4.1 Profile of the respondents 40

4.2 Descriptive statistics 48

4.2.1 Descriptive statistics to establish information security controls at KIU 44

4.2.2 Descriptive statistics for exploring the extent of compliance to information security objectives at KIU 47

4.2.3 Descriptive statistics to investigate challenges to information security in KIU. 50

4.3 Establish of the relationship between challenges to information security and information security objectives in KIU 51

4.6 Regression analysis 52

CHAPTER FIVE 55

DISCUSSION OF FINDINGS, CONCLUSION AND RECOMMENDATIONS 55

5.0. Introduction 55

5.1 Discussion of fmdings 55

5.2. Conclusion 57

5.3 Recommendations 58

5.4. Areas for further studies 59

REFERENCES 60

APPENDICES 68

APPENDIX I: CONSENT FORM 68

APPENDIX II: QUESTIONNAIRE 69