Abstract: Universities have adopted information systems replacing manual processes and thus simplifying work and increasing capacity which in turn has led to increased efficiencies. Information systems are useful in collection, processing, storage, retrieval and communication of information to the relevant users in a timely manner. Adoption of information systems come with the challenge of maintaining security. Various controls have been enforced to ensure that the systems are protected and thus enhance data confidentiality, integrity and availability. According to the United Kingdom General Data Protection Regulations, all data in a university must be protected from unauthorized access. However, data insecurity is still reported in many institutions of higher learning. Institutions are having challenges in monitoring revenue and tracking students’ academic progress risking the credibility of the awards given while students are made to reseat examinations due to missing marks and pay fees already previously paid. This study sought to establish the influence of information systems security controls on data security in universities in Kenya. The study was guided by the following specific objectives; to determine the influence of administrative controls, technical controls and physical controls on data security in universities in Kenya. The study was carried out at Kiriri Women’s University of Science and Technology. A descriptive research design was used for the study. Using purposive sampling technique, a sample of 55 respondents was included in the study drawn from the population of 122 information system users. The researcher used a questionnaire for data collection which was tested through a pilot study to establish the validity and reliability. The data collected was analyzed using the Statistical Packages of Social Sciences 21 (SPSS) program. Frequency distributions, percentages, correlation and regression analysis were computed and interpretations made. The findings were presented in tables and figures were be accompanied by detailed explanations. The studies established that administrative, technical and physical controls are correlated to data security in information system used in universities. From the data analysis, administrative, technical and physical control were all positively correlated to data security at; technical controls (r=.798, p=.000), physical controls (r=.575, p=.000) and administrative controls (r=.390, p=.005) at 0.05 significance level. Regression analysis established an adjusted R2=.727 implied that 72.7% of the changes in the level of data security in the university’s information systems can be explained by the changes in administrative, technical and physical controls. As such, enhancing these controls to a large extend help in mitigating data insecurity in information systems used in universities in Kenya.

Keywords: Data Security, Administrative Security Controls, Technical Security Controls, Physical Security Controls.

| DOI: 10.17148/IARJSET.2021.8511