Framework for Enhancing Effectiveness of Information Security Measures Implemented in Public Institutions in Tanzania

Public institutions in Tanzania have been adopting an increasingly web-based system to enhance service delivery to citizens. These institutions have constantly employed various security measures to protect their information assets. Despite the security solutions invested, public institutions face challenges in appropriately identifying and selecting the information security measures (ISMs) to combat and mitigate security flaws properly. This study aimed to develop a new ISMs framework for enhancing the effectiveness of the ISMs implemented in public institutions. The study employed a survey method in which the survey questions were newly developed for this study. Questionnaires and documentary sources were used for data collection across three government institutions. Furthermore, the study employed SPSS to carry out data analysis. Additionally, the study employed the TOPSIS method to analyze the criticality of ISMs based on three (3) security objectives as criteria and a five-point Likert Scale. The findings from the study revealed that public institutions had sufficient technical and financial capability but lacked IT personnel capability. Furthermore, the study findings revealed that access control and cryptographic systems are the most critical security measures to reduce and mitigate security threats and risks. Based on the study findings, a new ISM framework guiding ISMs in public institutions was developed and validated. The study suggested the security framework developed to be adopted by public institutions and organizations of a similar nature to enhance, secure, and strengthen informational assets.