MSIT Theses and Dissertations (2013)

Permanent URI for this collection

http://hdl.handle.net/11071/2220

Browse

Browsing MSIT Theses and Dissertations (2013) by Title

Now showing 1 - 20 of 30
  • Thumbnail Image
    Item
    Application of SOA architecture in credit information sharing in Kenya
    (Strathmore University, 2013) Odupoy, Peter T.
    The main objective of this study is to explore the use of Service Oriented Architecture (SOA) in Credit Information Sharing in Kenya. The study sought to analyze how service oriented architecture can be used in developing a solution for Credit Information Sharing between Credit Reference Bureaus (CRBs), their data providers and customers in Kenya. To establish the possible use of web services for Credit Information Sharing (CIS) between Banks and (CRBs) in Kenya, to determine what data is required for (CIS) and how the data is acquired by (CRBs) in Kenya, to find out the use web services for integration of data from heterogeneous data sources used by (CRBs) in Kenya and to validate the importance of using SOA for (CIS) by (CRBs), Kenya. This study adopted an applied research design. The study also used purposive sampling in which primary data was collected from Credit managers of banks in Kenya. Secondary data was obtained from publications from the banks. Data was analyzed by means of content analysis. This study revealed that organizations submit both negative and positive data to the credit reference bureau regarding their clients. However, negative information was more than positive. Most organizations use emails, others upload to a secure web site or use FTP to submit information to the credit reference bureau. In addition, organizations use spreadsheet, text file format and PDF to send information. The study also found that organizations access individual/organization contact information, positive information regarding the applicant, negative information regarding the applicant and other information. The study established that information from the credit reference bureau assist the organizations in making decisions at the beginning of the credit approval process.
  • Thumbnail Image
    Item
    An assessment of open source software's use for administrative, teaching and learning in private chartered universities in Kenya.
    (Strathmore University, 2013-06) Misoi, Irene Chepng'etich; Onyango-Otieno, Vitalis; Marwanga, Reuben (Dr.); Kiraka, Ruth
    Kenyan private chartered universities have implemented Open source software for administrative, teaching and learning purposes. However despite the implementation of these Open source software, a review of literature reveals a lack of knowledge on the extent and success that has been achieved in the implementation of open source software projects in universities in Kenya. Given the advantages of using Open Source Software in university operations, there is need for better understanding of the key challenges facing usage and implementation of Open Source Systems and therefore propose a framework for implementation of open source systems. The study focuses to determine the key challenges facing the usage and implementation of open source software for teaching, learning and management activities of private universities in Kenya and proposes a framework for implementing open source systems in Kenyan universities. The study adopted descriptive survey design. The findings from this research provides evidence that most universities need to provide for adequate budget to go towards supporting the systems use the main conclusions drawn from this study are that private chartered universities in Kenya have implemented Open Source Software. This is perhaps the reason why many private chartered universities have automated most university processes, and that Moodle Open Source Software is widely used.
  • Thumbnail Image
    Item
    Cloud computing implementation framework: case study of directorate of e-government
    (Strathmore University, 2013) Karimi, Paul Kabui
    Information Technology has gone through a continuous paradigm shifts. All these shifts are either driven by technological change and advancement or the requirements by the clients. Hence these shifts have made the IT industry very dynamic for particular technologies to assert themselves as the defacto technologies. The technologies must be combined to give the full potential of the combined technologies by complementing and supporting each other’s capabilities. Organizations that are progressive and take ICT as an enabler and a strategic arm in their operation must take up and adapt to such technologies so that they remain competitive in terms of service delivery, cost of production, and systems integration among other benefit. Cloud computing is the most recent paradigm in IT; it uses the many years evolved technologies together to harness the benefits accrued in each technology to create modern data centers. The cloud concept is geared to enable customers or data center user to subscribe to computing service they need without investing in acquiring computing assets. This thesis proposed a cloud computing framework using directorate of Egovernment as a case study. The directorate of e-government is mandated to manage and give policy direction for ICT in government. Currently the government ministries and department implements segregated ICT systems with full investment on hardware, software and personnel. Most of the investment does not get the full economic returns because they end up being underutilized and there is a lot of duplicated effort across the government in terms of ICT projects. The research studied the sampled ministries and departments, through personalized interviews and review of existing works and documents to understand the nature of services being offered by the departments and ministries. The results formed indicative facts of the underlying ICT services and assets base in government. The research further proposes a comprehensive collective cloud computing implementation framework which can be used to transform the current SILO based approach of implementation to Government Cloud where all the government ICT resources can be pooled and managed centrally. Respective theoretical models and framework forming the building base of cloud computing and utility services are reviewed in the literature review. The research further explained how the developed framework should be implemented in government through various discussion and recommendation. The researcher validated the proposed framework by mapping the proposed frameworks components to the know variables in cloud computing implementation and post interview and frame work review by the study respondents.
  • Thumbnail Image
    Item
    Cloud-based multi-agent supply chain system architecture
    (Strathmore University, 2013) Venzeslas, Oliko Gabriel
    Efficient supply chain management is a key challenge for many organizations. This becomes even critical and complicated when the goods that these organizations deal with are considered to be life saving. The Kenya Medical Supplies Agency (KEMSA) whose mandate is to procure, store and distribute drugs and health commodities to health facilities in Kenya has not be spared by this challenge. Secondary research suggests that the main problems in KEMSA include uneven distribution of healthcare services or drugs, ineffective and inefficient supply chain systems and low availability and accessibility of healthcare products occasioned by lack of a supply management system. The development of multi agent concepts in Artificial Intelligence in recent years provides an opportunity to explore the possibility of deployment of such concepts to further enhance the supply chain systems. Cloud computing on the other hand is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a metered service over a network. This is an applied research and semi-structured interviews and secondary data were used. This research sought to develop architecture for a multi-agent supply chain system around a cloud in an attempt to address the supply chain management and delivery challenges at KEMSA. This research then recommended this architecture as a foundation on which Supply Chain Management software for KEMSA or other interested organizations can be built on
  • Thumbnail Image
    Item
    Coffee supply chain traceability model: Case of the Coffee Board of Kenya
    (Strathmore university, 2013-06) Mumbi, Mungai Karen; Sevilla, Joseph; Orero, Joseph Onderi; Kiraka, Ruth
    This thesis describes the potential impact of the introduction, implementation and integration of traceability model in the coffee industry. It seeks to identify a traceability model to be used as a blueprint in developing a traceability system for the coffee sector. This is achieved by highlighting the value chain players in the coffee sub-sector, the processes and to ensure that the system is aligned along the coffee supply chain. This technological innovation is meant to trace coffee consistently and efficiently from the point of origin to the point of consumption. Absence of the right traceability model in the coffee sector in Kenya is hindering the potential of this sector as well as limiting its growth. The value of an automated coffee traceability system would seek to integrate all the information scattered from all the supply chain player's; centralize capture; storage and retrieval of information; speed up processing of information; keep track of the production process ; generate reports; and also be used as a knowledge management tool. The methodology used was a basic survey, questionnaire and interview. Data was collected from a sample selected to represent a larger population. This sample size consists of Sasini Miller Limited and the Coffee Board of Kenya. The estimated population of CBK ICT users in the organization is 65 working with the confidence level of 95% and a confidence interval of 9, using the sample size formula 42 employees best characterized the general understanding of the entire CBK population. In this research the product-centric data model was selected owing to its critical packages of traceability and quality appropriate for the food industry. The traceability package contained entities that enabled tracing and tracking the product throughout its lifecycle and the quality package contained entities that represent the quality features of the product. Based on the data collected the traceability components missing in the current traceability system in the coffee sub-sector. The proposed model incorporates the missing traceability components and ensured that the product-centric parameters of traceability and quality are enhanced. Additional technologies included are traceability standards and bar-coding technologies thereby improving and customizing the model for the coffee sub-sector in Kenya The model ensures that adequate information is generated at the right time and is available to the next person in the supply chain. It enhances identification of the coffee product, movements and processes done in the supply chain. It also allows the supply chain players to process , store, handle and display the product safely and correctly.
  • Thumbnail Image
    Item
    Context-aware mobile applications development framework
    (Strathmore University, 2013) Gwaro, Ronald
    Mobile application development follows a number of strategies and approaches. Recent developments in mobile applications tend to consider context to be key. This has necessitated the need for context-aware mobile applications. To fully understand mobile applications and their components, this research separates core application logic from adaptive functionality and then applies qualitative and quantitative research techniques to investigate and come up with a framework for the development of context-aware mobile applications. The research identifies the factors affecting mobile application development as; Mobile device characteristics; Mobile application development platform; Changes in the mobile environment; Mobile application operating platform; Cellular network capabilities; Human and mobile device interaction; Application consistency across different mobile devices and platforms; Nature of content and service delivery; Mobile application performance and Mobile application security considerations. The technologies used in mobile application development are identified and broadly classified as communication technologies, development platforms technologies, middleware technologies, presentation technologies and security technologies. The research findings were used to build a framework for mobile applications development using context-awareness analogy. The framework consists of two main categories of core application logic and the adaptive functionality. The core application logic has six components and each contain the most critical feature the developer should emphasize on. The adaptive functionality also has five components that the mobile application developer should consider and each contains the most critical features for emphasis. The framework is then covered on each side by the mobile application security considerations. Mobile application security affects many of the components in the framework and therefore must be considered at the component level.
  • Thumbnail Image
    Item
    Cost based data security model for organizations
    (Strathmore University, 2013) Maroria, Ezra
    As information systems threat environment continue to escalate and change, the focus on information security shifts towards effectiveness and efficiency of security countermeasure. Organizations continue to suffer the consequences of data breach with many paying high fines, loosing important data, reputation damages and even others going entirely out of business. This scenario has led to organizations layering security countermeasures one upon another from logical to physical and administrative controls to ensure they protect their assets. Ensuring strong information security is resource consuming and very costly given the limited security budget. On the other hand different information/data requires different security level depending on its nature or classification. For example some information may require basic security level because of its less sensitive nature, while others may require higher protection level because of their highly sensitive nature. This demands that information security spending be reviewed as thoroughly as other management decisions. In this research, using a qualitative and quantitative research methodology, various ways of data classification are identified, these include; classification based on type of data, owner, value of data, sensitivity of data, legal and regulatory requirement, user needs etc. The research also investigates various data security requirement and problems. Those identified include; the CIA, legal requirements, data response, utility, accountability and privacy. On data problems, networked environment, users related challenges, complexity of computing tools and integrated environments, E-commerce issues, poor data security governance and internet are identified as key challenges. The research also involves analysis of data security models where gaps and deficiencies are identified. A cost based data security model for implementing security based on data security requirements for different class of data is developed. This model is a step towards data security control costs identification and optimization where data security is implementation is informed by the data security needs.
  • Thumbnail Image
    Item
    Evaluative standard that address cloud-specific virtualization security concerns
    (Strathmore University, 2013) Makanga, Victor Wesonga
    Cloud computing is an emerging technology that offers an efficient delivery of computing resources through pooling of storage, network and software. These computing resources are critical to business functions, since they aid in storage and processing of data. Lack of effective cloud-computing standards has made it difficult for cloud customers to effectively evaluate different cloud offering as well as limiting interoperability among cloud platforms and therefore causing inconsistency in areas of security. From the reviewed literature, different approaches to virtualization have been adopted to offer flexibility in terms of securing customer‘s data and offering access control granularity. These include software, partial and hardware virtualization. The descriptive research method used was conducted using survey questionnaires with cloud users as the target population. The research seeks to find out how people implement virtualization and the challenges they face. Their perception on security of their data in the cloud as well as how they would like to amended to safe guard this data. The survey results are analyzed qualitatively and results presented in various forms. This research finds out that though there are some form of rule that guide virtualization, these have been compromised due to lack of strict enforcement. As a result, research focuses on standard which proposes guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization. Therefore this research proposes an approach that established a new security layer that ensures compliance and enforcement of standards to address security concerns related to virtualization as applied in the cloud.
  • Thumbnail Image
    Item
    The extent of IT governance in achieving business competitiveness: a case of Kenya Airways Limited
    (Strathmore University, 2013) Njoga, Ayub Onyango David
    The pervasive use of technology has created critical dependency on IT that calls for a specific focus on IT governance. There is a devaluation of the importance of IT as a strategic asset by executive management in many organizations resulting in dysfunctional governance models. The study sets to explore the IT Governance practices extent in achieving business competitiveness advantage with a view to exploring IT strategy-business strategy alignment. Despite the growing evidence that IT has become an integral part of business, IT governance is still an issue for many organizations as the executive business management often tends to view IT as a "support" function rather than as a legitimate partner for generating business value. This devaluation of the importance of IT as a strategic asset is a symptom of misalignment leading to organizations’ wastage of precious resources (capital, time and human) in an era where time is of the essence, capital is in short supply, and truly qualified IT people are still hard to find (despite the recent economic recession). The study recommends the Dee-Enn Framework of IT Governance which merges the key components of existing IT Governance frameworks such as COBIT and ISO 38500, making it a simpler model, yet more integrated and comprehensive. The framework would enable the BOD put equal emphasis on IT governance as is normally with corporate governance to facilitate its integration in the Enterprise’s Governance, Risk and Compliance (GRC) practice to form a collaboration that brings synergy, and provides better financial, operational and IT assurance to the business in the pursuit of its objectives and goals.
  • Thumbnail Image
    Item
    Factors affecting information diffusion in healthcare : a case study of the Nairobi Hospital
    (Strathmore University, 2013) Mulimba, Steve Joseph
    Information technology (IT) has the potential to improve the quality, safety, and efficiency of health care. The main objective of the research study was therefore to establish the factors affecting information technology diffusion in healthcare. The study narrowed its research undertakings into four major factors which were; Communication, Ease of Use, Compatibility and Complexity. The literature review provides the reader with an explanation of the theoretical rationale of the problem being studied as well as what research has already been done and how the findings relate to the problem at hand. The study applied descriptive research design and the target population was 500 respondents from Top, Middle and operational levels of the institution. The study applied simple random sampling to obtain its samples. Questionnaires were the major data collection instruments and the gathered findings were analyzed through the use of quantitative analysis techniques, tables and charts to present its findings. To ensure effectiveness of information technology diffusion in healthcare proper communication should be done, health care information system should be easier to use, the technologies should be compatible with already existing organizational norms and values and the organization management should be in a position to handle complexities brought about by Information Technology.
  • Thumbnail Image
    Item
    A framework for assessing cloud computing risk for Kenyan organizations
    (Strathmore University, 2013) Were, Timothy Othieno
    Cloud computing has recently emerged as a buzz word in the distributed computing community. Many believe that Cloud is going to reshape the IT industry as a revolution. Yet for security professionals, the cloud presents a huge dilemma: How do you embrace the benefits of the cloud while maintaining security controls over your organisations’ assets? It becomes a question of balance to determine whether the increased risks are truly worth the agility and economic benefits. The author proposes a framework that borrows from other developed frameworks that will assist in the mapping out of security risks and controls that current and prospective users will need to take care of. The target group of respondents for this research are employees in the Information Technology departments in randomly selected Kenyan firms cutting across Utilities, Manufacturing, Transport, Non Governmental Organisations (NGOs), Government, Academia, Finance and ICT. Questionnaires were used with forty respondents giving their feedback. The feedback was positive with majority of the respondents having confidence in the framework – 90% of the respondents did not suggest any item for removal from the framework. They concurred that to address the risks in cloud computing, consideration has to be given to security in personnel, operational and physical issues, in addition to supply-chain assurance, portability and business continuity management. Also to be considered are environmental controls and legal and jurisdiction matters. The suggestions for additions were incorporated in the final model that was used to evaluate an existing cloud user who found areas that needed to be addressed by their Cloud Service Provider. The implication of this research is that the market is ripe and ready for cloud computing as long it can have assurance of the security and continuity of their data and systems. The research will give guidelines to those interested in implementing cloud computing on the considerations to make in order to ensure security and continuity risks of their systems are considered. The paper adds value in that cloud computing being a relatively new phenomenon, not much research has gone into its implementation, especially in Africa and more so in Kenya.
  • Thumbnail Image
    Item
    Framework for data sharing between satellite campuses in public universities : the case of Jomo Kenyatta University of Agriculture and Technology (JKUAT)
    (Strathmore University, 2013) Maina, Esther Wangechi
    In the past decade Public Universities in Kenya have more than quadrupled in number from seven in 2002 to over thirty in 2013. This increase has contributed to the introduction of universities constituent campuses and colleges in all major towns in Kenya. With the satellite campuses dispersed all over the country the data being held by these campuses is distributed in heterogeneous formats and not being shared. Some campuses maintain data repository but there is no platform or policies for facilitating data sharing. Data is duplicated across satellite campuses, which makes accessibility, availability and reinforcing mechanisms for data security very difficult. There exists a major gap in data sharing with no clear framework for the universities to use. The study sought to identify the requirements for data sharing between public universities and their satellite campuses, identify platforms for data sharing between satellite campuses and use this information to propose and validate a framework for data sharing. The study was conducted through the applied research design; data was collected using structured questionnaire from JKUAT, ICT personnel and campus administrators, two questionnaires were administered to each of the 12 satellite campuses in JKUAT with an additional two for the main campus. The data was analyzed using descriptive analysis and presented in tables and figures. The study established that 83% of the respondents do not share data. Network infrastructure was the highest rated requirements for data sharing with 70.8%. A web based platform and data security were also preferred with 79.2% each. Framework that support virtualization and distributed systems was also preferred with 66.7% and 62.5% respectively. Other requirements for data sharing included data accessibility and availability. The study concludes that the university needs to come up with proper infrastructure and policies to implement data sharing due to the dispersed nature of its campuses. The study recommends use of Cloud for data virtualization and storage, combined with WebGIS and Grid technology to facilitate data sharing.
  • Thumbnail Image
    Item
    Framework for enhancing cyber security: case study of Kenyan Internet Service Providers
    (Strathmore University, 2013-06) Gitonga, Edward Githinji
    Cyber security plays an important role in ensuring an ISP's services availability so as to ensure its clients satisfaction. It is just not about detection of cyber threats but also having the best practices to thwart such attacks. This involves classifying the attacks and assessing their impact should they be successful; while doing this, it is also necessary to note the defense mechanisms currently in place and come up with the best strategies to deal with such attacks. ISPs monitor the traffic that is routed through their network, detecting threats and reporting the same to their clients for them to protect their own networks. Currently, ISPs just detect and advice their clients but it is not just about detection but most importantly what to do with the data once it is detected. Having a framework that guides an organization on what to do should a cyber attack be detected greatly improves the organization's preparedness in dealing with cyber attacks. This research undertook both quantitative and qualitative approaches of the cyber threats that Kenyan ISPs face and ways of improving their preparedness to handle cyber attacks with the use of both primary and secondary data sources. A descriptive research design was employed with the use of questionnaires as principal data collection instrument, Several cyber security frameworks were evaluated and the proposed framework borrowed from the SCADA security framework and the game theoretic data fusion approach for cyber situation awareness and impact assessment. The questionnaire was distributed to all the individuals in the sample. The sample size was drawn from the technical staff of these Kenyan ISPs. Collected data was analyzed using both quantitative and qualitative data analysis approaches. Data from the questionnaires was checked for completeness, coded and logged into the computer system using Statistical Package for Social Science (SPSS). The study found out that ISPs are interested in a framework for handling cyber attack data (100%) so as to better handle cyber threats. Also, the following was established on cyber threats: for malware, 95% agreed that it does occur; for phishing, 82% agreed; for pharming (diversion of internet traffic), 59% agreed; and for spam, 86% agreed. On whether employees in the organization are well-trained to handle cyber security threats, only 37% agreed. The study concludes with a cyber security framework composed of cyber attack classification, attacks database, impact analysis, and recommended best response strategies. The framework provides a mechanism for handling cyber attack data, from classification of the attack type, vulnerabilities' evaluation and the best strategies for preventing the attack.
  • Thumbnail Image
    Item
    Framework for ICT based agricultural information dissemination system:case of Agricultural Information Resource Center, Kenya
    (Strathmore University, 2013) Kathuri, Stephen Ireri
    Networks of information and communication technologies (ICTs) enmesh the globe and represent a transformational opportunity for farmers to receive information as and when required. While correct, the opportunity presented cannot be realized unless this technology is guided. This thesis presents research findings from a case study of Agricultural Information Resource Center (AIRC) undertaken by use of questionnaires to establish issues such as use of ICT tools, information processing and dissemination. 26 respondents were targeted and 19 responded which was a 73% response. Literature review was undertaken to establish the extent of ICTs usage, farmers‘ information needs and the review of globally existing agricultural information dissemination frameworks. From the research it was established that farmers could benefit from real time adjustment in agricultural practices provided by ICTs, ICTs creates opportunities to dissemination local knowledge which is critical to improving farmers‘ productivity, and ICTs like mobile phones may strengthen information sharing. These results meant one thing; ICTs are here with use, however, their use especially in information dissemination to farmers‘ need to be guided. The significant of this research was that a framework to guide agricultural information dissemination system was developed and validated.
  • Thumbnail Image
    Item
    A framework for integration of mobile devices in distance education: a case of University of Nairobi
    (Strathmore University, 2013) Muchene, Joyce Gathoni
    Distance education was introduced many years back and has continuously gained popularity among institutions. Students heartily embrace it as it gives them the flexibility they so require, while for institutions they are able to offer educational opportunities to many who would not be in a position to attend class on a daily basis. Even with the exponential growth of distance education the delivery of content is still wanting. Most distance education courses still rely on print media to deliver content to students, with minimal media being introduced to assist. However with the advancement in technology distance education should be accessible to students whenever and wherever they are. This is not so, due to over reliance of delivery modes as mentioned above. The study sought to determine how tointegrate mobile devices in distance modelearning so as to make it accessible whenever and wherever one may be. It looked upon the current mobile technologies in use by the students so as to determine the most appropriate and effective mobile technology for them. The study endeavored to propose a framework for the integration of mobile technology into distance education based on the findings. According to the study, 79.6% of the respondents own a mobile phone while 17.5% own a laptop. This shows that a majority of the students have mobile devices which are readily available for their use in learning. Further analysis on which materials they access using their mobile devices 25% stated the modules while 48.3% study notes. Therefore, a large number of students use their mobile devices to learn and the framework for the integration of mobile devices in distance learning would enable facilitate learning using mobile devices. The framework looked into specifications such as communication in the way the students and the institution can be able to communicate with one another. The other specification was administration of users, whereby users would be traces to the student management system so as to avoid duplication of data. Other specifications identified were access to courseware, to enable access regardless of location, and support for all clients, that is, traditional and mobile device clients.
  • Thumbnail Image
    Item
    Framework for medical collaborative systems in public hospitals : case study: Mbagathi District Hospital & Health Centres
    (Strathmore University, 2013) Wambua, Faith Mwikali
    Private healthcare institutions in Kenya have adopted Information Communication Technologies (ICTs) in their daily operations to increase efficiency, reduce costs, to improve quality of services. Information Communication Technology has transformed business organizations globally and this is evident through the changing organizational structures, communication methods and collaboration of teams across borders. In Kenya, the current patient referral process is a manual and lengthy process that involves the constant access and transfer of referral forms and letters to and from the different levels of healthcare facilities in the country. The public hospitals in Kenya lack an online collaborative system framework for the transfer of referral records when a patient has been referred from a public hospital to a referral hospital. The purpose of this research therefore is to develop a framework for a collaborative system to carry out online referral of patients. A collaborative system also supports working together and close interaction of medical personnel working on a specific patient. A case study methodology was used to study the patient referral process in Mbagathi district hospital and public health centres. The importance of using this approach is that it is used to study real world phenomena in its original context and will be applicable in studying the procedures guide the medical transfer process and the challenges facing these processes. This research studied the current transfer of patient referral records in public hospitals, analyzed the frameworks and models developed for collaborative systems and proposed a valid framework that can be used for the implementation of a healthcare collaborative system for the public health hospitals in Kenya. The research findings show that 93% of the medical practitioners give patients referral forms to carry to the referral hospital. At the same time, 83% also indicate that feedback to the local hospital is not given. This therefore calls for a need to have an online referral system that will implement the desirable characteristics as supported by the 95% of the medical staff who participated in the research findings. Upon successful completion of this research, the public hospitals will now have a validated framework that can be used to implement a collaborative system to transfer records electronically from one hospital to another. This framework will be based on the current referral guidelines issued by the Ministry of Medical Services and Ministry of Public Health and Sanitation.
  • Thumbnail Image
    Item
    A framework for selection of information systems : case of the Kenya Civil Service
    (Strathmore University, 2013) Miriti, Fridah Karen M.
    Organizations in the civil service should endeavour to implement information systems that meet both their organisational objectives as well as e-Government objectives. However, information systems in the civil service in Kenya are characterized as being underutilized or unutilized; focused internally and existing in silos often leading to incompatible systems; being driven by vendors, donor and development partners; or acquired through collusions between vendors and government officials. This is due to lack of a suitable framework to guide selection of information systems in civil service. The research sought to review existing frameworks used to guide selection of information systems, identify factors that need to be considered in selection of information systems, determine how these factors apply in the selection of information systems in the civil service and develop a framework that can be used to guide selection of information systems before acquisition in the civil service in Kenya. The research identified the selection process, selection criteria, decision making structure and the evaluation technique as the factors that need to be considered in selection of information systems. A survey was sent out to the forty two ministries to determine how these factors applied in the civil service. It was found that most ministries in the civil service had a formal structured process for selection of information systems, weighting and scoring of criteria and cost benefit analysis were the most frequently used evaluation techniques, availability of funds and improved service delivery were the most frequently used selection criteria, the ICT department most frequently determined which information systems should be selected for acquisition and the accounting officer made the final decision on which information systems were selected for acquisition. The results of the survey were used to develop a framework to guide the selection of information systems in the civil service. The components of the framework were based on the four factors identified for the selection of informaiton systems. The framework aims at providing a standardized formal structure for selection of information systems in the civil service that support organisational objectives as well as e-Government objectives.
  • Thumbnail Image
    Item
    A framework for technology adoption for a virtual university
    (Strathmore University, 2013) Gogan, Nadium Achieng
    Virtual universities have emerged as a viable option for accessing university education due to the rapid advancement of Information, Communication and Technology (ICT) particularly internet based. This has become more relevant considering the increased demand for higher education and the need to provide equal opportunity by the policy-makers. However, most Kenyan universities are hesitant to establish VUs due to the huge cost of establishing and costs of maintaining the system, according to Kariuki (2006) Kenyan universities are a distant away from reaping the benefits of distant education. Research has shown that for successful implementation of the Virtual University, there is need for a framework that will inform the design, development, delivery and evaluation of flexible, open and distance learning environments. The framework will outline the critical success factors for an e-leaming environment such as those identified by Khan (2005): pedagogical, technological, interface design, evaluation, resource support, ethical, management and institutional. Considering that Kenyan Universities have been implementing the Virtual Universities, they have based their decisions on European and American markets research on critical success and failure factors that have a totally different socio-cultural and economic background. There is need for a framework that takes cognizance of the local context to be developed that will guide the implementation of the Virtual University. This study focused on the Virtual Universities implementation in Kenya and seeks to establish the Critical Success Factors and Challenges that have so far been experienced. It focused on the three Universities namely Kenyatta University, Mount Kenya University and Inoorero University that have managed implement it for relatively longer period compared to other universities in the country. From the study it revealed that the virtual university is more suited for theoretical courses and it prevents a huge challenge when introducing a new course that will require simulations and practicals. Most universities noted that for successful implementation of virtual university suitable courses should be introduced with requisite reference materials for course outline and continuous evaluation of the program to ascertain its effectiveness. It should also have a buy-in from faculty or institutional management. The study shows that though most of the instructors have adequate training, technology keeps on changing and there is need for them to keep abreast. This means refresher courses should be conducted for those already trained. It is equally important to ensure that online assessments and assignments are conducted properly in order to safeguard the credibility of the VUs and avoid any unethical behavior from the students. The study eventually recommends a framework for successful implementation of Virtual Universities based on the findings of the research.
  • Thumbnail Image
    Item
    A framework to guide information security initiatives for banking information systems: Kenyan banking sector case study
    (Strathmore University, 2013) Njiru, Stella Wanjiru
    Banks are increasingly using technology to reduce their costs and deliver high quality services. As banks continue to become very dependent on computers, millions of shillings are being spent on these information systems. But even as modern banks increasingly rely on the internet and computer technologies to make their transactions, they have become vulnerable to technologically – based fraud. This is because of the speed at which information system security is evolving and therefore leaving a gap between where information security is now and where it needs to be. To be able to deal with the widening gap in information security, the banking industry has implemented various frameworks that act as a guide when evaluating information security vulnerabilities. However, this seem not be enough as the Kenyan banking industry is still losing millions thanks to technologically- based frauds on a monthly basis. Reason being the fact that some of the frameworks are too generic and they do not match the security needs of the bank. Moreover, some of the information security controls suggested by the frameworks are outdated. This leads to short-term, incremental changes to be done on the framework that is not enough to close the gap. Case study methodology was used to find out the different challenges banks within the industry are experiencing and the kind of measures they are using to information security risks mitigation. This methodology was extremely helpful in discovering the challenges that banks are facing when using the existing framework. The research findings show that people are the largest threat to information systems as lack of proper communication (at 93%), lack of skilled labor and security awareness by customers (at 83%) were cited as a major obstacle to security effectiveness. Moreover, fraud (at 88%), careless or unaware employees (at 83 %) and internal attacks (at 77%) were cited as the threats and vulnerabilities that have increased banks’ risk exposure. To close the ever-growing gap between vulnerability does not require complex technology. Leadership and the alignment of people, processes and technology is what is most important in the transformation of information security
  • Thumbnail Image
    Item
    ICT Adoption Framework in Rural Secondary Schools: Case of Meru, Kenya
    (Strathmore University, 2013) Gatwiri, Bundi Dorothy
    Secondary school teachers and administrators are under increasing pressure to use Information and Communication Technology to impart to students the knowledge, skills and attitudes they need to survive in the twenty first century. Secondary schools need to migrate from a teacher-centered lecture based instruction, to a student–centered interactive learning environment. To attain this aspiration, an ICT enabled Secondary school education is fundamental. The main goal is to understand how embedded use of ICT in a learning environment can improve the learner outcome. Towards this end, international and national authorities have been spending huge sums of money to facilitate the implementation of ICT in Secondary education. This is why the Kenyan government is encouraging ―…the use of ICT in schools, colleges, universities and other educational institutions in the country so as to improve the quality of teaching and learning.‖ With the Kenyan National ICT Policy in place, ICT continues to advance in Kenya. Rural areas still experience a lag in its implementation that continues to widen the digital and knowledge divides. This is as a result of lack of systematic guidelines that can be used for ICT adoption in the learning processes. With this premise the researcher embarked on a study based on the secondary schools in Kenyan rural areas, in Imenti North District, Meru County. The study revealed that, though the key players in the secondary school education system have the will to embrace modern methods of instruction and knowledge management, Information Communication Technology is being used merely for routine basic processes such as word processing and therefore missing out on its true potential value. Since most of the teachers are just certificate holders and others have no formal computer education. The study used both descriptive survey and case study, where a single rural area in Kenya was chosen and structured questions were provided to the respondents to guide them in areas of interest concerning ICT adoption in secondary schools. The framework is structured into five dimensions. Students‘ aspects, learning environments, Teacher professional ICT attributes, School ICT capacity and School Environments are discussed. Fundamental aspects of the ICT pedagogy are covered in the study. Finally, the relationships between all dimensions are explored and their components are discussed. This study has documented the progress made in secondary educational development, while it is applicable to other secondary schools with similar challenges and status in Kenya. The study has revealed the role of ICT in enhancing secondary education in Kenyan rural areas. The results of the study are a framework that can be used for adoption of ICTs in rural secondary schools. This framework was validated at Ntugi Day Secondary School, a public day secondary school within Imenti North District, Meru County in Kenya.