Professional Documents
Culture Documents
Group Assignment IT Audit
Group Assignment IT Audit
Introduction
LUCT is composed of a number of faculties that are engaged in research, invention,
innovations and generation of new knowledge in line with its motto “be the best”. The
purpose of developing the ICT Policy is to assist researchers, auditors, research
managers and LUCT, in ensuring that they have access to best practices for the
identification, protection and management of ICT and, therefore, to maximize the
benefits and returns from public investment in ICT. Furthermore, the implementation of
this policy is expected to enhance the visibility of the university.
The University has steadily expanded ICT resources and services since its inception.
The number of computers in the University College has grown to over a large number
desktops most of which are networked. The ICT network comprises a fiber optic
backbone and several Ethernet LANs that cover the academic and administrative
blocks. The LANs are managed from a central server room which hosts various servers,
switches, routers and other data terminal equipment. Additionally, the University has
acquired licensed software and support staff.
The policy framework adopted will aid the University in sustaining the expansion,
effective management and optimum utilization of ICT resources. It will also guide
acquisition, further development, administration, maintenance and usage of the ICT
facilities. With adequate investments in ICT, this policy document can be implemented
to the advantage of the University customers and enable the auditing to be at ease.
Mission
Our vision is for all teachers and learners in LUCT to become confident users of ICT so
that they can develop the skills, knowledge and understanding which enable them to
use appropriate ICT resources effectively as powerful tools for teaching and learning.
The aims of the ICT Policy
The overall aim for Information and Communication Technology is to enrich learning for
all students and to ensure that lecturers develop confidence and competence to use
Information and Communication Technology in the effective teaching of their courses.
Literature Review
ICT is a convergence of microelectronics, computing (hardware and software) and
telecommunications. Modern trends in micro-processors and semiconductors has
enable the processing and storage of enormous amount of data while integration of fibre
optics and fast Ethernet technology in networks has facilitated rapid distribution of
information through communication networks. Linking computing devices and allowing
them to communicate with each other creates networked information systems based on
a common protocol. This has radically altered access to information and the structure of
communication, extending the networked reach to many parts of the world (Literature
Review Of Information Communication Technology ..., n.d.).
In addition, ICT comprises of technologies and tools that people use to share, distribute,
gather information, and to communicate with one another, one on one, or in groups,
through the use of computers and interconnected computer networks. They are
mediums that utilize both telecommunication and computer technologies to transmit
information (Literature Review Of Information Communication Technology ..., n.d.).
With reference to that, universities implement ICT in a wide range in order to achieve
the mission and objectives related to the education process learning and teaching; and
research and business so that they can transfer knowledge and ensure their position on
the market. ICT has been closely related to universities from the start. Constant
technological development of ICT enables the implementation of new ICT devices and
services which influence and change the teaching and learning process, research and
business (Literature review: The use of ICTs in the fight against ..., n.d.).
According to the Lisabon Declaration, ICT is supposed to take an active part in creating
the society of knowledge, transforming the process from teaching to learning, as well as
in enabling the students to access information and learning materials, ICT becomes the
resource with a strategic significance (Literature review: The use of ICTs in the fight
against ..., n.d.).
The general use of ICT is expressed through national policies and categorized into the
social rationale, vocational rationale and pedagogical rationale, defined by Voogt (2008:
118).
The social rationale, related to the preparation of people for their place in the
world.
The professional rationale, emphasizing the importance of offering appropriate
skills for future jobs.
The academic rationale, focused on the enhancement of teaching and learning,
and using computers.
Anderson and Plomp (2009) noted that making decisions about whether and how to
integrate ICT into teaching and learning is sometimes complex, technically demanding,
and the effects thereof are not always known due to lack of research on which to base
the decision. It is imperative therefore for countries to develop national ICT policy to
serve as a guide to what needs to be done, when, and by whom, for the smooth
implementation of ICT. A number of countries developed their national ICT policy for
learning, ranging from Global and cross-national policies, national policies and school-
level policies.
However, it was noted over time that having national policies in place did not guarantee
feedback to decision makers. These policies need to state a developmental strategy
that conveys a vision on how this goal is to be achieved (Kozma, 2008).978IU
Information management
Use of ICT to organize, manage and use information for teaching and learning,
and to present information.
Collaboration
Product creation
ICTs can be grouped into three categories (Information technology & Communication
Technology (ICT) Policy-THE MA HARAJA SAYAJIRAO UNIVERSITY OF BARADO,
2021):
General Guidelines
(Anderson and Plomp, 2009)
All users should be aware that several network usage issues are covered by the
ICT management policy and violation of which is an offence.
The LUCT campus-LAN and Internet access resources are meant for official use
arising from the academic or research activities and administrative
responsibilities of the faculty, staff and students of the University. Use of network
resources for personal purposes is discouraged.
Users should view the ICT and network resources with a sense of ownership and
participation, and should actively help to prevent any misuse. Procedures laid
down from time to time regarding the management of ICT and network
resources, must be understood and followed carefully by the user community.
The Computer Centre has the right to monitor and scan all information carried by
the network for the purpose of detecting and identifying inappropriate use. As
such, the privacy of information carried by the network is not guaranteed.
Computer Centre is authorized to break open a PC or disconnect it from the
network, if called for.
Every user is expected to be aware of the contents of this policy document, and
agrees to abide by its provisions. Once adopted, this policy should be publicly
posted on the LUCT website, and all individuals who use ICT & network
resources of the university should be made aware of this policy.
Every effort will be made to aggressively publicize the policy and make it widely
understood and accepted, by holding training sessions for end users, circulating
training material and organizing personal meetings.
ICT Policy Implementation Committee shall look into all violations of this policy,
and recommend suitable action to the University Authorities.
Infrastructure
Network Access
Staff and students have access to reliable and industry-standard hardware and software
in order to use ICT effectively as a teaching and learning resource, and as a working
tool for management and administration. Every staff member has at least one PC for
staff use. All staff and student users have access through the school’s Curriculum
network to their personal data areas, shared data, applications that are not held locally
including the internet. The Administrative network, which is managed by the Network
Manager, allows all staff access to electronic student data, timetables and attendance.
Staff issues
All staff should be entitled to training to improve their ICT capability and have a
responsibility to keep abreast of developments in ICT. The ICT Coordinator, the
Network Manager and the institution ICT support Unit can be contacted to request
support and training in the use of ICT. This will help the institution to increase better
literacy on ICT; not only for the IT management but it will also be for the whole
departments, hence amplifying better ICT control within every faculty.
Student data
All staff is provided with training in pupil data management information systems on
request. Faculty Leaders and Year Leaders have a responsibility for improving the use
of data throughout the school. There is a rolling program of improving access to, and
improving the quality of staff computers throughout the school. The school started using
electronic registration since early approximately 2010 to improve pupil attendance.
However, the management must ensure appropriate confirmation for students’
registration so that it is easy to retrieve their overall courses registered even in the
middle of the semesters or after examinations. This will therefore help in guaranteeing
that there are no arising problems that will probably not be carefully ministered.
Furthermore, staff registers classes for every lesson through the PC in each classroom.
In the event of technical difficulties, paper registers are taken and sent to reception for
collation and entering onto the system as soon as possible. Attendance and lateness is
regularly reviewed by Faculty Managers and suitable action taken to reduce instances
of lateness or absenteeism. Line managers identify with staff their ICT training and
development needs and inform the School Development Plan.
With regard to that, it has come to a awareness that the ICT management hat to check
every portable equipment annually and computers three-yearly under the Electricity at
Work Regulation. Again, students must be made aware of the correct way to sit when
using the computer and the need to take regular breaks if they are to spend any length
of time on computers so that they know how they have to react to any occurring
problems.
Despite the above, there are multimedia rules placed on display within the ICT room for
reference along with specific rules for the use of Internet, computers and electricity
although approximately 20% of students follow the rules. As regards, the IT department
earnestly makes use of the written policy for the use of multimedia. This directive is
followed for only supervision staff. Whilst this legislation only applies to students who
use multimedia, the management must seek to provide conditions for all students which
meet these requirements.
Pertaining to the above, the university must guarantee that an alarm system is installed
throughout the institution so that students and all staff reactions to the fire are well-
timed. Each computer system has individual security against access to the
management system to restrict students’ interference. The files and network system are
backed up regularly. The virus checker is hoped to be updated regularly.
Acceptable Use
Access to networked computers to support students' academic work is provided. The
institution’s Acceptable Use Policy is an extension to the School Rules. It includes
guidelines for the safe and responsible use of the network and the internet, and
identifies those activities which constitute an abuse of the university’s ICT facilities. In
summary, users of LUCT network are prohibited from:
Feasibility: If an item or technology does not already exist and is being introduced, an
appropriate justification for introducing new item or technology must be prepared. It
must also consider the alternate technologies explored and the reasons why the choice
for the selected technology was made.
Insurance: Each item must get covered either in general Insurance Policies or for
specific items and must get covered under specific policies related with Electronics
Items. For example, Servers must get covered in Policy for Electronic Items with Data
Restoration. Insurance against loss of data and cost of recovery also should be
considered.
Systems Audit: There must be a system of cross checks and physical verifications of
ICT Assets to ensure that all assets exist; they are functioning as expected, are
technically fit and not obsolete. Such audit help in determining in advance the items that
need replacements over a period of time and so, can be well planned. This activity will
prevent any dreadful conditions of efficiency in the ICT Services.
Information Security: There are different aspects of Information Security. They are
broadly classified as Digital and Physical. Security related to Digital Devices is related
with Passwords, Access Rights, Backups, Anti Virus Measures, use of external media
and so on.
Physical Security involves securing parts of physical location to regulate its access, to
restrict only authorized personnel, to provide for smoke detectors and fire alarms, to
enable monitoring through CCTV Cameras and so on. On the other hand, Physical
Security covers classification, storage and upkeep of documents, regulating access to
classified documents and arranging for their safe custody, sharing of confidential
information, inadvertent leakage of classified information and so on.
Outsourcing: In the modern world, outsourcing is beneficial and cannot be avoided but
there are many aspects that need to be considered while outsourcing activities or while
having external staff working within University premises. These concerns are related
with providing information related with outsourced jobs, getting certain repairs done,
disposing off items or equipment, all of which must be carefully carried out considering
ICT Security and safety in mind. Similar care should be taken while executing any turn-
key projects in the area of ICT implementation.
Best Practices: There must be personnel earmarked to keep abreast of the
developments in Technology, who must be assigned the identification of appropriate
avenues wherein new technology or products may be profitably deployed. They must
also keep themselves aware about the best practices desirable or being followed
elsewhere, which may be beneficial to the university.
Role of Stakeholders
All stakeholders of LUCT will need to work together to ensure that the ICT policy
achieves its full potential. This includes; to build capacity, increase confidence and
security in the use of ICTs, create an enabling legal and regulatory environment, and
encourage international and local cooperation.
The Management
The management role is to provide the vision and policy with a legal and
regulatory framework that will guide the activities of all stakeholders.
Establish institutional mechanisms to ensure the successful implementation of
the ICT policy.
The management must also play a key role in channeling resources to invest in
the supporting infrastructure for ICTs in partnership with international and
regional universities and other institutional partnerships.
IT Controller
The IT controller will play a key role in the development and expansion of ICT
infrastructure and provision of ICT services and products.
It must also attempt to exploit new technology support presented by ICTs and
spread the use of ICTs throughout the university to increase the development of
powerful computer support and networking.
The IT controller will be called upon to improve service quality to ensure the
proper management of multimedia rooms the reliability of WI-FI network.
Other Institution Departments
They must play a major role in improving teaching and learning mechanisms that
develop lecturers that are ICT literate and capable of producing local ICT
products and services.
They must ensure that ICT literacy is part of the prospectus.
They must use ICTs to expand access to education as well as improving the
quality of education.
Implementation Strategy
Policy Statements
In order to ensure focused implementation of ICT policy the following articles of policy
statements are hereby declared; it is the LUCT Policy to:
ii) Assure availability and controlled usage and changes of basic User-level Data
Communication and telecommunication Services such as e-mail, Access-to
Internet or Extranet or Intranet services and telecommunication terminal
equipment which actually are major elements of the low-level network and
communication services.
iii) Promote office computing in all offices. This applies to lecturers, researchers,
administrators, managers, as well as to secretarial and clerical workers. Major
office computing applications are: word processing, electronic mail,
spreadsheet processing, data and document storage and retrieval desktop
publishing, access to internet and intranet.
vi) Enhance and update financial management processes and reporting through
the implementation of an integrated financial information management
system.
vii) Enhance and streamline the human resource management and administrative
processes through the implementation of a human resource information
system.
xi) Ensure that all students and staff are trained on a continuing basis to equip
them with the basic skills to fully exploit the ICT potential in their different
functions, in order to make the entire institution organization “IT – Complaint”.
Objectives
Strategies
The strategies for implementing the development of ICTs and Infrastructure are to:
There is a limited supply of qualified ICT professionals in the institution and the high
cost of ICT training programs serves as a barrier to building capacity in this area.
Departments frequently lack ICT literacy and expertise and thus, in many cases, have
been ineffective at integrating and utilizing existing ICTs in the institution. This is
because the policy made within every department is hardly attained, that is, there is a
shortage of multimedia Ethernet cables to be acquired by each student during the
researches. There is also less functioning WI-FI network that sometimes limits or
restricts students from accessing media websites for vital tutorials.
Furthermore, the high cost of equipment deters educators from making the purchase of
computers and Internet connectivity a priority when LUCT lack basic facilities and
educational supplies. The management is committed to comprehensive programs of
rapid deployment, utilization and exploitation of ICTs within the university. Policy efforts
shall be directed at using ICTs to facilitate learning and to support efforts of each
department in its delivery of training learners and re-training programs.
Objectives
The objectives that will lead to effective education and human resource development
include
Strategies
Policies and initiatives are needed to speed-up the delivery of ICT services. Measures
are also needed to develop and promote ICT delivery systems, services and
applications that offer practical solutions to the development challenges faced by the
students.
Objectives
Strategies:
Voogt J. (2008) Satisfying pedagogical practices using ICT. In Pedagogy and ICT Use
in Schools around the World: Findings from the IEA SITES 2006 Study (eds N. Law,
W.J. Pelgrum &T. Plomp), pp. 222–250. CERC/Springer, Hong Kong/Dordrecht.
n.d. Literature review: The use of ICTs in the fight against ....[online] Available at:
https://www.transparency.org/files/content/corruptionqas/Literature_review_The_use_of
_ICTs_in_the_fight_against_corruption_2016.pdf [Accessed 2021].