dc.description.abstract |
This study has assessed information system security in safeguarding public assets. The study
was conducted in Mpanda Municipal Council, and specifically identified information security
strategies implemented in protecting public assets; determining essential resources and
capabilities needed to ensure effective implementation of information security strategies in
protecting public assets; and assessing the effectiveness of information security strategies
implemented in protecting public assets. The study was theoretically guided by the Theory of
Information security. Study population was 1294 employees of the Mpanda Municipal Council
and sample size was 140. The study used the descriptive research design and the concurrent
mixed method approach. Systematic simple random sampling was used to obtain respondents
who provided quantitative data. Purposive sampling was used to obtain management officers
from provided qualitative data. The semi-structured questionnaire was used to collect the
quantitative data, and an interview guide was used to collect the qualitative data. Quantitative
data was analysed by using descriptive statistics with percentages, frequencies, mean and
standard deviations. Thematic analysis was engaged to analyse qualitative data. The findings
of this research demonstrate the effectiveness of information security strategies in protecting
public assets within the Mpanda Municipal Council. The study concludes that measures such
as user identity management, securing remote access, data centre security measures, cloud
security measures, advanced threat defences, and anti-virus and Antimalware Software played
crucial roles in safeguarding public assets. Furthermore, the study concludes that budget and
funding, compliance and regulatory knowledge, risk assessment and management, incident
response capability, continuous monitoring, and continuous security improvements are
essential resources and capabilities that contribute to the successful protection of public assets
in Tanzania. The research has as well underscores the significance of incident response
metrics, risk response metrics, compliance metrics, and security incident metrics in protecting
public assets in Tanzania. The study has suggested several recommendations in line with the
study findings. The study recommends that LGAs and Government Institutions should enhance
employee’s awareness on information security strategies through training and awareness
programs. They should also conduct regular security assessments, vulnerability scanning, and
penetration testing to identify and address potential weaknesses in their information security
infrastructure. They should also develop and maintain a well-defined incident response plan that
outlines the steps to be taken in the event of a security incident. |
en_US |