1. Introduction
Public sector always play a major role in the development and growth of the economic mostly in the developing nations, but when modern facilities like information and communication technologies (ICT), are applied it will improve the public sector greatly and contributes to better services processes that can address citizens as well as government services. Also, information technology (IT) has become a real force in the process of transforming our social, economic and political life’s, there is little chance for nations or regions to progress without the incorporation of information technology. Furthermore, corporate governance deal with different people who are united as one entity with the power and authority to direct, control and rule organization.(Ruin,2001).
Obviously, information system in Zanzibar and most developing nations like Kenya are facing serious challenges. These include: government policy, non-availability of fund, inadequate infrastructure and inadequate skill.
1.1 GOVERNMENT POLICY
Information security policy is challenging in non-industrialize nations because of mismatch between the current and the future system owing to the huge gap in physical, cultural, economic and different other contexts between the software designer and the place the system is being implemented. (Heeks,2002).
Also, documentation policy is a problem, because many factors which could allow individuals to access the services effectively is not recognized, that is, the
Passwords should be designed to prevent them from being discovered by unauthorized persons. All passwords should have at least eight (8) characters. The user-IS should never be used as the password. Words in dictionary, derivates of user-IDs, and common character sequences such as “123456789” should not be employed.
* Review the results of a qualitative Business Impact Analysis (BIA) for a mock organization
For example a clerk will only be able to access a limited amount of information, such as inventory at each store. The limitations will be different for an accountant or the mangers. All information will be protected with several different layers of security. The first layers will be simple hardware protection for access to the network; from there the security will increase with password protection and restrictions to users. (Merkow & Breithaupt 2006)
For the healthcare industry it is important to have an Information Security Policy Framework within the organization to protect information that is accessed across the network by staff personnel and patients. In accordance with ISO/IEC 27799:2008, we begin to define the guidelines to support the interpretation and implementation of healthcare information protection. ISO/IEC 27799:2008 references the basic controls and guidelines of ISO/IEC27002:2005 will provide the minimum protection necessary to meet organizational needs. Healthcare organizations that
Sunica Music and Movies, a local multimedia chain with four locations would like to switch to a centralized network to handle accounting and inventory as well as starting an Internet-based commerce site. The security policy overview shows the new setup will utilize four types of security policies. These polices have set goals that must be meet in order to achieve and maintain a successful transition.
We must have adequate arrangements and systems to ensure compliance with all of our obligations, and a written plan
This area of the Security Policy articulation presented is a report that all in all make up the Security Policy that administers the activities of the Campbell Computer Consulting and Technology Company. The security strategy covers the accompanying:
This policy addresses the use of Luebbert Medical Company’s (LMC) company-owned computer equipment. This includes hardware, software, and procedures associated with company equipment. This policy is intended for authorized users within LMC. This includes employees and conditional workers. Authorized users are expected to understand and comply with the contents of this document.
Public sector refers to the part of the economy concerned with providing essential government services. The public sector includes such services as a police, military public roads, primary education and healthcare for the poor.
Information security is often still playing in companies only a minor role. Many companies neglect aspects such as system misuse, sabotage or even espionage. But by now the reality has caught up with them. Straight from abroad there are more hacker attacks and espionage by competitors. Therefore, the law requires different approaches before to ensure information security. Companies must for example ensure that their information-processing systems are protected and kept safe.
The purpose of this IT Security Compliance Policy is to recognize the legal aspects of the information security triad: availability, integrity, and confidentiality as it applies to the Department of State at U.S. Diplomatic Embassies across the globe. This document also covers the concept of privacy and its legal protections for privately-owned information by the U.S. government and government employee’s use of network resources. A detailed risk analysis and response procedures may also be found at the end of this policy.
Companies are prone to more threats to their information now more than ever before. With employees having the capabilities to access the company’s network both in and out of the office, increases the potential that information or the access to information may end up in the wrong hands. It is because of these threats that companies create and enforce network security policies.
According to Infosec Institute, an Information Security Policy (ISP) is a formal set of rules users and networks within organizational IT infrastructure must follow in order to insure security of information digitally stored within the organization (Kostadinov 2014). In order to implement an effective ISP, organization’s objectives must be taken into consideration, and a strategy for securing information, in line with formal regulations or accepted standards of good practice, must be developed (Bayuk 2009).
They additionally reflected that information and communication technologies (ICT) builds and improves the efficiency and accountability of the staff in departments where these services have been used. E-governance and information and communication technolo-gies (ICT), upgrades the viability of e-governance.
Today’s world of computer systems are used by large set of individuals across organisations either collocated or distributed geographically. This has decreased the level of trust as compared to the past where there were small set of users entrusted in an organisation (Van der Geest G J, 2008) . In a bid to make sensitive data and infrastructure secured from unauthorized users, a security policy is developed by the system administrator of the organisation in other to control “who gets in”, “who does what” and “who sees what”. This duty has seemed to be one of the difficult problems faced by the admin and could turn out bad If not controlled properly (Kizza, 2009). However, due to differences in geographical