ku logo
ICT Support Services ICT Support Services Knowledgebase ICT Policies
KU ICT Policy (2025-2030)
Suggested knowledgebase articles:

KU ICT Policy (2025-2030)

Kenyatta University has developed a comprehensive framework of Information and Communication Technology (ICT) policies to ensure the responsible, secure, and sustainable use of digital resources in support of academic excellence, administrative efficiency, and legal compliance. These policies cover asset management, communication, cybersecurity, data governance, disaster recovery, artificial intelligence, and environmental sustainability.

The ICT Asset Management Policy governs the lifecycle of ICT equipment, from procurement to disposal, with centralized control by the ICT Directorate. Security measures include encryption, restricted BYOD use, and accessibility provisions for persons with disabilities.

The Corporate Email Policy provides all staff and students with official email accounts for academic and administrative purposes. Misuse is prohibited, and accounts are deleted after clearance or dormancy. Access through third-party applications is strictly regulated.

The Access Control Policy restricts ICT system use to authorized individuals through strong authentication, VPN-enabled remote access, and role-based rights, with regular reviews and audits.

The Encryption Policy mandates encryption of all sensitive data in transit and at rest, with multi-factor authentication and strict key management to ensure regulatory compliance.

The Cybersecurity Policy protects digital assets through risk management, system hardening, patching, antivirus use, incident response, and recovery planning, ensuring resilience against evolving threats.

The Data Protection Policy, aligned with the Kenya Data Protection Act (2019), regulates the collection, processing, and safeguarding of personal data. It ensures transparency, security, and rights of data subjects under the oversight of a Data Protection Officer.

The Systems Development and Integration Policy standardizes IT projects to be secure, user- focused, and scalable. It enforces project management standards, vendor regulation, and secure integration through APIs and monitoring.

The Artificial Intelligence Policy promotes ethical, inclusive, and secure AI use across teaching, research, and administration. Misuse, such as academic dishonesty, is subject to disciplinary action, and oversight is provided by an AI Ethics Committee.

The ICT Disaster Recovery Policy ensures continuity through a Disaster Recovery Plan, secure backups, designated recovery sites, and regular biannual testing to restore ICT services swiftly after disruptions.

The E-Waste Management Policy enforces safe disposal, recycling, and reuse of ICT equipment through licensed providers. Secure data erasure is mandatory, and compliance is ensured through audits and adherence to environmental and data protection laws.

Was this article helpful? Yes | No

Article Details

Article ID:
154
Category:
ICT Policies
Date added:
2025-09-03 11:23:02
Views:
55
Rating (Votes):
(0)