Information Systems and Technology
Permanent URI for this communityhttps://hdl.handle.net/10413/6786
Browse
Browsing Information Systems and Technology by Author "Ajayi, Nurudeen Abimbola."
Now showing 1 - 3 of 3
- Results Per Page
- Sort Options
Item The effects of security protocols on cybercrime at Ahmadu Bello University, Zaria, Nigeria.(2018) Badamasi, Bukhari.; Maharaj, Manoj Sewak.; Ajayi, Nurudeen Abimbola.The use of Information Communication Technology (ICT) within the educational sector is increasing rapidly. University systems are becoming increasingly dependent on computerized information systems (CIS) in order to carry out their daily routine. Moreover, CIS no longer process staff records and financial data only, as they once did. Nowadays, universities use CIS to assist in automating the overall system. This automation includes the use of multiple databases, data detail periodicity (i.e. gender, race/ethnicity, enrollment, degrees granted, and program major), record identification (e.g. social security number ‘SSN’), linking to other databases (i.e. linking unit record data with external databases such as university and employment data). The increasing demand and exposure to Internet resources and infrastructure by individuals and universities have made IT infrastructure easy targets for cybercriminals who employ sophisticated attacks such as Advanced Persistent Threats, Distributed Denial of Service attacks and Botnets in order to steal confidential data, identities of individuals and money. Hence, in order to stay in business, universities realise that it is imperative to secure vital Information Systems from easily being exploited by emerging and existing forms of cybercrimes. This study was conducted to determine and evaluate the various forms of cybercrimes and their consequences on the university network at Ahmadu Bello University, Zaria. The study was also aimed at proposing means of mitigating cybercrimes and their effects on the university network. Hence, an exploratory research design supported by qualitative research approach was used in this study. Staff of the Institute of Computing, Information and Communication technology (ICICT) were interviewed. The findings of the study present different security measures, and security tools that can be used to effectively mitigate cybercrimes. It was found that social engineering, denial of service attacks, website defacement were among the types of cybercrimes occurring on the university network. It is therefore recommended that behavioural approach in a form of motivation of staff behaviour, salary increases, and cash incentive to reduce cybercrime perpetrated by these staff.Item Managing IT outsourcing risks: the case of large organisations in South Africa.(2017) Badru, Abdulbaqi Eyitayo.; Ajayi, Nurudeen Abimbola.Information technology (IT) is significant to achieving business objectives. Despite the significance of IT to the business, organisations are outsourcing the whole, or part thereof, of their IT department to reduce cost and focus on the core of their business. The outsourcing of IT, however, comes together with risks such as vendor lock-in, loss of control and information breaches that could lead to IT outsourcing (ITO) failure. If these risks are not properly identified and managed, organisations will remain vulnerable. While studies have been conducted on ITO and risk management, very few have conducted exploratory research to address how to manage the risks of ITO. Hence, using a qualitative approach, this study explored how large organisations manage the common risks of ITO. These risks are the operational risk, business continuity risk, data privacy risk and compliance risk of the IT Service Provider (ITSP). The study further explored the impact of these risks on large organisations and the mitigating controls organisations can have in place to reduce their impact and likelihood of occurrence. Interviews, which were recorded, was conducted with 12 experts from two large organisations in South Africa. The recorded interviews were transcribed, coded using NVivo software and analysed using thematic analysis. The main themes of this study were governance, develop ITO risk profile, ITSP audit, risk treatment, and assurance. Findings show that organisations need to constitute a Risk Management Committee with a substantial level of experience in the management of risks and ITO. This is to ensure the effective identification, assessment and treatment of ITO risks. Furthermore, the constituted Risk Committee must conduct verification exercises to identify the inherent risks of ITO. They must also conduct maturity assessment and business impact analysis (BIA) in assessing the probability of occurrence and impact of ITO risks. The Committee must establish technical and administrative controls in mitigating the risks of ITO. The findings further show that organisations must integrate risk governance and assurance polices in their ITO risk management strategy to continuously monitor residual risks and identify potentially new risks. A governance Framework for IT Service Provider Risk Management (ITSPRM) that may serve as a guide in the effective management of ITO risks was also developed and presented.Item Students’ perceptions of computer-based assessment: a case of UKZN.(2018) Faniran, Victor Temitayo.; Ajayi, Nurudeen Abimbola.Assessment may be defined as the process of measuring the skill, capability, understanding and knowledge of an individual. It may also be defined as the process that involves testing of students’ knowledge about what they have been taught. Over the years, students have been undertaking assessments using pen, pencil and paper. Assessments administered in this mode are regarded as paper-based assessment (PBA). However, due to the ever-growing nature of technology, the use of information and communication technology (ICT) was introduced into the assessment process, and this has influenced the way assessments are being administered, especially in academic institutions. Due to this introduction, assessments are now administered using computers, and such assessments are regarded as computer-based assessments (CBA). According to the literature, the use of CBA offers more advantages than the use of PBA. Hence, academic institutions now adopt the use of CBA over PBA. This adoption has led to certain controversial reactions among researchers. Notable among these reactions is that, when an identical assessment is administered as PBA and CBA, there are differences in the assessment results of students. These differences are said to have arisen from the different perceptions of students about CBA Studies have been conducted on students’ acceptance and adoption of CBA, but few investigations have been carried out on the perceptions of students about CBA. Hence, this study was aimed at investigating the perceptions of students about CBA, by taking into account, students’ preferred mode of assessment and the challenges they experience in the use of CBA. This study further proposed possible means of managing these challenges. To achieve the objectives of this study, a descriptive design was used, and quantitative methodology was employed to collect and analyse data. Questionnaires were distributed to a total of 357 students and analysis was carried out on the collected data using the Statistical Package for the Social Sciences (SPSS). The results obtained from this study showed that students find it easy to undertake CBA, prefer CBA to PBA, and hence, intend to undertake CBA frequently or in the future. Also, the results of this study showed that the use of CBA often improves students’ assessment performances and results. Furthermore, the results showed that, although students indicated that it is easy to undertake CBA, they still experience challenges. The challenges experienced by students in the use of CBA, and the possible means of managing these challenges, have been presented in this study.