Assessing Challenges Facing Implementation of Information Security Critical Success Factors: A Case of National Examination Council, Tanzania

Abstract

Aim of this study was to assess challenges facing implementation of information security critical success factors. The study employed quantitative research approach and survey research design where case study design was used. A sample of 79 respondents derived from the population sample of 372 were used by using Slovin’s formula sampling technique, 86% of respondents questionnaire filled effectively were used. Descriptive data analysis was used to analyze variables based on research questions while, statistical tables and figures were used in data presentation. Results of this study indicate that, there are challenges in implementation of information security critical success factors such as security training program, security policy, risk assessment, regular system update, system auditing and committed of top management. The study found reasons for challenges of implementation from respondent views as availability of limited resources, weak financial support from top management, lack of understanding of needed technology from information technology professionals; poor security awareness program for top management who may think that information security is the issue of information technology department only and not the whole organization. It is therefore concluded that organization should identify their specific information security critical success factors to enhance useful of organization limited resource, without investing in generalization and give solutions based on risk priority, in order to make organization secure also utilization of information security critical success factors holds significant importance in ensuring security of an organization's data. It is crucial to address and eliminate any challenges that are within the scope of affordability or manageability.