A cybersafety educational framework for primary school learners in South Africa
- Authors: Kucherera, Lean
- Date: 2020
- Subjects: Computer crimes -- Security measures -- South Africa School children -- Crimes against -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49452 , vital:41722
- Description: Information and communication technologies (ICTs) have made life much easier for many people but have also brought many dangers to the world. School learners are amongst the users of ICT who are becoming cyber citizens. This age is good at exploring new things, with a growing number of school learners having access to ICT devices, such as mobile phones, tablets and desktop computers. This is due to the affordability of mobile phones, which they normally receive as gifts from their parents. Due to easy access of ICT, school learners can now access cyberspace which offers them many advantages and benefits. Such advantages and benefits include having a platform to socialise, improved and ease of access to information as well as improving their learning. Despite these benefits, school learners (primary school learners in particular) are prone to falling victim to a range of cyber risks and attacks since cyberspace is an unregulated platform that poses many potential dangers Common cybersafety threats associated with school learners include cyberbullying, sexting/“sextortion”, engaging with strangers, accessing inappropriate content and being exposed to a breach of privacy. Because the cybersafety of children, especially primary school learners, is often compromised, there is a need to protect them from the threats associated with ICT. However, protecting children from the aforementioned cybersafety threats is complicated because access to cyberspace is no longer confined to the home computer, but has extended to mobile phones, which are even more pervasive. Therefore, it is essential for school learners to be educated on how to protect themselves and their information in the virtual computer world. A number of developed countries like Australia, New Zealand, Canada, United States of America (USA) and United Kingdom (UK) have included cybersafety education in their school curricula. Similarly, the rapid growth of the Internet around the world, allowed some countries in Africa to take the initiative to start implementing cybersafety education in schools including Mauritius, Tunisia, Kenya, Ghana, Mozambique, Cameroon, Egypt and Rwanda. Countries like Uganda, Sudan, Morocco and South Africa are still facing challenges in this aspect. This study is focused on the cybersafety of primary school learners in the South African context.
- Full Text:
- Date Issued: 2020
- Authors: Kucherera, Lean
- Date: 2020
- Subjects: Computer crimes -- Security measures -- South Africa School children -- Crimes against -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49452 , vital:41722
- Description: Information and communication technologies (ICTs) have made life much easier for many people but have also brought many dangers to the world. School learners are amongst the users of ICT who are becoming cyber citizens. This age is good at exploring new things, with a growing number of school learners having access to ICT devices, such as mobile phones, tablets and desktop computers. This is due to the affordability of mobile phones, which they normally receive as gifts from their parents. Due to easy access of ICT, school learners can now access cyberspace which offers them many advantages and benefits. Such advantages and benefits include having a platform to socialise, improved and ease of access to information as well as improving their learning. Despite these benefits, school learners (primary school learners in particular) are prone to falling victim to a range of cyber risks and attacks since cyberspace is an unregulated platform that poses many potential dangers Common cybersafety threats associated with school learners include cyberbullying, sexting/“sextortion”, engaging with strangers, accessing inappropriate content and being exposed to a breach of privacy. Because the cybersafety of children, especially primary school learners, is often compromised, there is a need to protect them from the threats associated with ICT. However, protecting children from the aforementioned cybersafety threats is complicated because access to cyberspace is no longer confined to the home computer, but has extended to mobile phones, which are even more pervasive. Therefore, it is essential for school learners to be educated on how to protect themselves and their information in the virtual computer world. A number of developed countries like Australia, New Zealand, Canada, United States of America (USA) and United Kingdom (UK) have included cybersafety education in their school curricula. Similarly, the rapid growth of the Internet around the world, allowed some countries in Africa to take the initiative to start implementing cybersafety education in schools including Mauritius, Tunisia, Kenya, Ghana, Mozambique, Cameroon, Egypt and Rwanda. Countries like Uganda, Sudan, Morocco and South Africa are still facing challenges in this aspect. This study is focused on the cybersafety of primary school learners in the South African context.
- Full Text:
- Date Issued: 2020
A cybersecurity curricular framework for IT undergraduates in South Africa
- Authors: Mbuqe, Apelele Alungile
- Date: 2020
- Subjects: LCSH
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49595 , vital:41739
- Description: Abstract ending in a full stop.
- Full Text:
- Authors: Mbuqe, Apelele Alungile
- Date: 2020
- Subjects: LCSH
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49595 , vital:41739
- Description: Abstract ending in a full stop.
- Full Text:
A framework for digital signature implementations for e-government services
- Authors: Kumalo, Mmaphefo Octavia
- Date: 2020
- Subjects: Electronic government information , Internet in public administration Municipal government -- Data processing
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/46086 , vital:39490
- Description: The advent of the Internet has brought with it new innovations, new ways of doing business, new ways of working, new ways of engaging, and new forms of business models. It has ultimately disrupted the traditional ways in which we communicate, socialise, and live life in general. This era has heralded the requirement for digitization and has brought about the digital economy and the Fourth Industrial Revolution. The fundamental ways in which companies and governments do business are changing due to the increased innovation, and the cost efficiencies that this era has brought with it. Like most governments worldwide, the South African government has responded to the Internet revolution and is taking advantage of it through e-government initiatives. The direct effects of e-government include cost savings, efficiencies, improved and continuous interactions and communications with citizens, better public procurement, and improved tax collection. The area of digitization has the potential to improve how the South African government delivers services to citizens and those that reside within the borders of the country. Amongst the five elements of successful e-government transformation, process reform is at the top of the list. e-Government is not just about the automation of existing processes and inefficiencies. It is also about the creation of new processes and new relationships between all the stakeholders involved. In the South African context, the lack of optimised, automated, and digitalised processes within various government departments has impeded crossfunctional processes’ effectiveness and efficiencies. Manual interventions in processing and transactions occur to comply with the legal requirement to manually sign documents. This poses difficulties in integrating processes within government departments to achieve a seamless experience for the citizen. As a result, this treatise sets out to answer the question of what needs to be in place to allow for the utilisation of digital signatures in automating the processing of e-government services for a seamless experience for citizens and businesses. The resulting Digital Signature Framework can be used by government departments to implement digital signatures and provides providing guidance, facilitating understanding, and providing ease of use, scalability, and agility.
- Full Text:
- Date Issued: 2020
- Authors: Kumalo, Mmaphefo Octavia
- Date: 2020
- Subjects: Electronic government information , Internet in public administration Municipal government -- Data processing
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/46086 , vital:39490
- Description: The advent of the Internet has brought with it new innovations, new ways of doing business, new ways of working, new ways of engaging, and new forms of business models. It has ultimately disrupted the traditional ways in which we communicate, socialise, and live life in general. This era has heralded the requirement for digitization and has brought about the digital economy and the Fourth Industrial Revolution. The fundamental ways in which companies and governments do business are changing due to the increased innovation, and the cost efficiencies that this era has brought with it. Like most governments worldwide, the South African government has responded to the Internet revolution and is taking advantage of it through e-government initiatives. The direct effects of e-government include cost savings, efficiencies, improved and continuous interactions and communications with citizens, better public procurement, and improved tax collection. The area of digitization has the potential to improve how the South African government delivers services to citizens and those that reside within the borders of the country. Amongst the five elements of successful e-government transformation, process reform is at the top of the list. e-Government is not just about the automation of existing processes and inefficiencies. It is also about the creation of new processes and new relationships between all the stakeholders involved. In the South African context, the lack of optimised, automated, and digitalised processes within various government departments has impeded crossfunctional processes’ effectiveness and efficiencies. Manual interventions in processing and transactions occur to comply with the legal requirement to manually sign documents. This poses difficulties in integrating processes within government departments to achieve a seamless experience for the citizen. As a result, this treatise sets out to answer the question of what needs to be in place to allow for the utilisation of digital signatures in automating the processing of e-government services for a seamless experience for citizens and businesses. The resulting Digital Signature Framework can be used by government departments to implement digital signatures and provides providing guidance, facilitating understanding, and providing ease of use, scalability, and agility.
- Full Text:
- Date Issued: 2020
A framework for teaching secure coding practices through a blended learning approach
- Mdunyelwa, Vuyolwethu Sizoli
- Authors: Mdunyelwa, Vuyolwethu Sizoli
- Date: 2020
- Subjects: Blended learning , Blended learning -- Case studies Computer security
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49940 , vital:41890
- Description: With the recent increase in cyber-related attacks, cybersecurity is becoming a key area of concern for many organisations. Cybersecurity vulnerabilities are typically addressed through the implementation of various cybersecurity controls. These controls can be operational, technical or physical in nature. The focus of this research, however, is on technical controls with a specific focus on securing web applications. This research investigated whether third year software development students at the Nelson Mandela University adhered to secure coding practices in their capstone projects. In order to determine adherence, secure coding practices were identified from OWASP for the data access layer in web applications developed in the .NET environment. This was addressed by Secondary Objective, which was To determine what secure coding practices a web application developer should adhere to in the .NET environment. These secure coding practices were used to conduct a code review on 2015 third year capstone projects, and addressed Secondary Objective, To determine the adherence of third year software development capstone projects to the identified secure coding practices. The results for the code review were analysed and indicated low levels of adherence which led to the Problem Statement of this research, namely: Undergraduate software development students do not consistently adhere to secure coding practices when developing their third-year capstone projects, thereby leading to vulnerabilities in their web applications. In order to address this Problem Statement, the Primary Objective was identified, To develop a framework for teaching secure coding practices through a blended learning approach. Secondary Objective, To determine whether third year software development students have the requisite knowledge relating to secure coding, took the form of a questionnaire to assess students' knowledge relating to secure coding practices. This required the achievement of further sub-objectives which addressed both the knowledge and behaviour of software development students. The results of this questionnaire indicated that many of the third-year software development students lacked the requisite knowledge. This lack of knowledge and adherence was addressed through an educational intervention, meeting Secondary Objective, To design and implement an educational intervention to support software development students in the development of secure web applications. In terms of knowledge, online lessons were developed addressing each of the secure coding practices identified. In order to address adherence, students were given a checklist to monitor their adherence to the identified secure coding practices. Secondary Objective, To determine the exact of the educational intervention on both student adherence and their requisite knowledge regarding secure coding practices, involved the varication of the educational intervention, and comprised of two components, knowledge and behaviour. Knowledge varication took the form of an online questionnaire given to 2017 third year project students. To address behavioural adherence, the researcher conducted a code review on the 2017 capstone projects. The results from the varication showed a general improvement in students' knowledge and high levels of adherence to secure coding practices. Finally, a framework was developed that encompassed the key elements of this research, thereby providing guidance to support the development of se cure web applications in higher education institutions and meeting the primary objective of this study.
- Full Text:
- Date Issued: 2020
- Authors: Mdunyelwa, Vuyolwethu Sizoli
- Date: 2020
- Subjects: Blended learning , Blended learning -- Case studies Computer security
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49940 , vital:41890
- Description: With the recent increase in cyber-related attacks, cybersecurity is becoming a key area of concern for many organisations. Cybersecurity vulnerabilities are typically addressed through the implementation of various cybersecurity controls. These controls can be operational, technical or physical in nature. The focus of this research, however, is on technical controls with a specific focus on securing web applications. This research investigated whether third year software development students at the Nelson Mandela University adhered to secure coding practices in their capstone projects. In order to determine adherence, secure coding practices were identified from OWASP for the data access layer in web applications developed in the .NET environment. This was addressed by Secondary Objective, which was To determine what secure coding practices a web application developer should adhere to in the .NET environment. These secure coding practices were used to conduct a code review on 2015 third year capstone projects, and addressed Secondary Objective, To determine the adherence of third year software development capstone projects to the identified secure coding practices. The results for the code review were analysed and indicated low levels of adherence which led to the Problem Statement of this research, namely: Undergraduate software development students do not consistently adhere to secure coding practices when developing their third-year capstone projects, thereby leading to vulnerabilities in their web applications. In order to address this Problem Statement, the Primary Objective was identified, To develop a framework for teaching secure coding practices through a blended learning approach. Secondary Objective, To determine whether third year software development students have the requisite knowledge relating to secure coding, took the form of a questionnaire to assess students' knowledge relating to secure coding practices. This required the achievement of further sub-objectives which addressed both the knowledge and behaviour of software development students. The results of this questionnaire indicated that many of the third-year software development students lacked the requisite knowledge. This lack of knowledge and adherence was addressed through an educational intervention, meeting Secondary Objective, To design and implement an educational intervention to support software development students in the development of secure web applications. In terms of knowledge, online lessons were developed addressing each of the secure coding practices identified. In order to address adherence, students were given a checklist to monitor their adherence to the identified secure coding practices. Secondary Objective, To determine the exact of the educational intervention on both student adherence and their requisite knowledge regarding secure coding practices, involved the varication of the educational intervention, and comprised of two components, knowledge and behaviour. Knowledge varication took the form of an online questionnaire given to 2017 third year project students. To address behavioural adherence, the researcher conducted a code review on the 2017 capstone projects. The results from the varication showed a general improvement in students' knowledge and high levels of adherence to secure coding practices. Finally, a framework was developed that encompassed the key elements of this research, thereby providing guidance to support the development of se cure web applications in higher education institutions and meeting the primary objective of this study.
- Full Text:
- Date Issued: 2020
A framework to enhance Information and Communication Technology (ICT) readiness for business continuity at the South African Revenue Services (SARS)
- Authors: Mathase, Euphodia
- Date: 2020
- Subjects: Internet in public administration -- Taxation -- South Africa Electronic commerce -- Government policy -- South Africa
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49496 , vital:41726
- Description: Many organisations, especially public sector organisations, are required to ensure that they are able to continue with their operation in cases of major disasters that affect the organisations. In the same light, the South African Revenue Services (SARS), being a quasi-government organisation, faces a similar phenomenon. The main purpose of conducting this research was to explore a problem in depth that was identified at the SARS. SARS does not have a comprehensive business continuity plan. The study therefore examined possible techniques or actions for ensuring information and communication technology (ICT) readiness and business continuity, explored various frameworks and policy documents which will assist public entities with readiness for business continuity, and identified frameworks that will assist SARS in implementing an effective ICT readiness for business continuity. The study adopted the design science research approach and aspects of design science research in information systems. Data gathered through the questionnaire instrument was used to design a framework that can be adopted at SARS to enhance ICT readiness for business continuity. The research findings show the importance of effective business continuity management (BCM) and a framework that can be used to implement an effective BCM.
- Full Text:
- Date Issued: 2020
- Authors: Mathase, Euphodia
- Date: 2020
- Subjects: Internet in public administration -- Taxation -- South Africa Electronic commerce -- Government policy -- South Africa
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49496 , vital:41726
- Description: Many organisations, especially public sector organisations, are required to ensure that they are able to continue with their operation in cases of major disasters that affect the organisations. In the same light, the South African Revenue Services (SARS), being a quasi-government organisation, faces a similar phenomenon. The main purpose of conducting this research was to explore a problem in depth that was identified at the SARS. SARS does not have a comprehensive business continuity plan. The study therefore examined possible techniques or actions for ensuring information and communication technology (ICT) readiness and business continuity, explored various frameworks and policy documents which will assist public entities with readiness for business continuity, and identified frameworks that will assist SARS in implementing an effective ICT readiness for business continuity. The study adopted the design science research approach and aspects of design science research in information systems. Data gathered through the questionnaire instrument was used to design a framework that can be adopted at SARS to enhance ICT readiness for business continuity. The research findings show the importance of effective business continuity management (BCM) and a framework that can be used to implement an effective BCM.
- Full Text:
- Date Issued: 2020
A framework to guide cybersecurity governance efforts in non-profit organisations
- Authors: le Roux, Wickus
- Date: 2019
- Subjects: Computer security , Information technology Nonprofit organizations -- security measures
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/44918 , vital:38188
- Description: The average non-profit organisation is faced with the same cybersecurity challenges as an international multi-corporation that generates income. However, it may lack the competencies or resources to fully utilise, implement, monitor, or evaluate cybersecurity governance to a satisfactory or acceptable level. A literature review revealed limited publicly accessible documents to guide NPOs in particular in the task of cybersecurity governance. Therefore, the problem addressed by this research is the lack of a framework to guide cybersecurity governance efforts in non-profit organisations. This real-world problem was approached using the design science paradigm. It was important to identify, firstly, factors unique to the general context of non-profit organisations, including the constraints and limitations faced by non-profit organisations. Secondly, the key cyber risks for non-profit organisations and how they can materialise through the use of emails, social media, and BYODs in the NPO context, were identified. As a third step, available cybersecurity governance guidelines were analysed to determine best practices. This investigation also revealed the people, process, and technology elements as the pillars of information security. This resulted in the development of a framework (the PotLer framework) to guide cybersecurity governance efforts in non-profit organisations based on the input of the three points mentioned above. The framework was constructed around four conceptual elements, namely information security governance; people, process, and technology; governance elements; and key risks. The PotLer framework expands the high-level generic constructs beyond the conceptual space and provides implementation guidance in the form of a questionnaire to be completed by NPOs. The questionnaire was developed as an interactive spreadsheet that requires “Yes” or “No” responses from participants and generates a recommendation based on these answers. To evaluate the PotLer framework, the aforementioned questionnaire was completed by four NPOs. An additional questionnaire obtained their input on the utility and comprehensiveness of the framework.
- Full Text:
- Date Issued: 2019
- Authors: le Roux, Wickus
- Date: 2019
- Subjects: Computer security , Information technology Nonprofit organizations -- security measures
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/44918 , vital:38188
- Description: The average non-profit organisation is faced with the same cybersecurity challenges as an international multi-corporation that generates income. However, it may lack the competencies or resources to fully utilise, implement, monitor, or evaluate cybersecurity governance to a satisfactory or acceptable level. A literature review revealed limited publicly accessible documents to guide NPOs in particular in the task of cybersecurity governance. Therefore, the problem addressed by this research is the lack of a framework to guide cybersecurity governance efforts in non-profit organisations. This real-world problem was approached using the design science paradigm. It was important to identify, firstly, factors unique to the general context of non-profit organisations, including the constraints and limitations faced by non-profit organisations. Secondly, the key cyber risks for non-profit organisations and how they can materialise through the use of emails, social media, and BYODs in the NPO context, were identified. As a third step, available cybersecurity governance guidelines were analysed to determine best practices. This investigation also revealed the people, process, and technology elements as the pillars of information security. This resulted in the development of a framework (the PotLer framework) to guide cybersecurity governance efforts in non-profit organisations based on the input of the three points mentioned above. The framework was constructed around four conceptual elements, namely information security governance; people, process, and technology; governance elements; and key risks. The PotLer framework expands the high-level generic constructs beyond the conceptual space and provides implementation guidance in the form of a questionnaire to be completed by NPOs. The questionnaire was developed as an interactive spreadsheet that requires “Yes” or “No” responses from participants and generates a recommendation based on these answers. To evaluate the PotLer framework, the aforementioned questionnaire was completed by four NPOs. An additional questionnaire obtained their input on the utility and comprehensiveness of the framework.
- Full Text:
- Date Issued: 2019
A framework to integrate secure programming principles into undergraduate computing curricula
- Authors: Bangani, Sifiso Matthews
- Date: 2020
- Subjects: Information technology -- Study and teaching (Higher) , Electronic data processing personnel -- Training of Computer software -- Development
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/46019 , vital:39409
- Description: Many graduate software developers are not competent in secure programming, resulting in risks that are caused by vulnerabilities in the application code of software applications. These graduate software developers are equipped with programming knowledge and skills from universities, however, these software developers are rarely equipped with secure programming knowledge and skills from the undergraduate level. Although there are various techniques for writing secure code in the current body of knowledge, these techniques are rarely fundamental components of a computing curriculum, resulting in incompetent graduate software developers. The security aspect of software applications, is considered as an important aspect that can reflect the ability of a system to prevent data exposures and loss of information. For businesses that rely on software applications to keep operations running, a failure of a software application can stop production, interrupt processes, and may lead to data breaches and financial losses. This research argued that secure programming education needs to be included across computing curricula, and thus, the primary objective of this dissertation was: To develop a framework for integrating secure programming principles into undergraduate computing curricula. It proposes a framework for the incorporation of secure programming principles into undergraduate computing curricula, through a step-by-step approach. This framework includes the identification of application risks and secure programming practices as they relate to each other, and to the basic programming concepts taught to undergraduate students. It specifically aims to improve the security of software applications developed in the .Net framework environment. The main research methods used in this study included a literature view, thematic content analysis, argumentation, and modelling.
- Full Text:
- Date Issued: 2020
- Authors: Bangani, Sifiso Matthews
- Date: 2020
- Subjects: Information technology -- Study and teaching (Higher) , Electronic data processing personnel -- Training of Computer software -- Development
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/46019 , vital:39409
- Description: Many graduate software developers are not competent in secure programming, resulting in risks that are caused by vulnerabilities in the application code of software applications. These graduate software developers are equipped with programming knowledge and skills from universities, however, these software developers are rarely equipped with secure programming knowledge and skills from the undergraduate level. Although there are various techniques for writing secure code in the current body of knowledge, these techniques are rarely fundamental components of a computing curriculum, resulting in incompetent graduate software developers. The security aspect of software applications, is considered as an important aspect that can reflect the ability of a system to prevent data exposures and loss of information. For businesses that rely on software applications to keep operations running, a failure of a software application can stop production, interrupt processes, and may lead to data breaches and financial losses. This research argued that secure programming education needs to be included across computing curricula, and thus, the primary objective of this dissertation was: To develop a framework for integrating secure programming principles into undergraduate computing curricula. It proposes a framework for the incorporation of secure programming principles into undergraduate computing curricula, through a step-by-step approach. This framework includes the identification of application risks and secure programming practices as they relate to each other, and to the basic programming concepts taught to undergraduate students. It specifically aims to improve the security of software applications developed in the .Net framework environment. The main research methods used in this study included a literature view, thematic content analysis, argumentation, and modelling.
- Full Text:
- Date Issued: 2020
A framework to measure the degree of alignment between corporate and IT/IS objectives at Randwater
- Authors: Sigasa, Moshane Lydia
- Date: 2020
- Subjects: Business enterprises -- Computer networks -- Security measures , Data protection Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47156 , vital:39818
- Description: The South African Government has institutionalised a Corporate Governance of ICT Policy Framework which was developed by Department of Public Service and Administration (DPSA). The framework has adopted some elements of KING III, ISO 38500 and COBIT. Consequently, it is now a requirement by the South African Government that all its entities must adopt this framework. Nevertheless, it is not clear how government has emphasised this alignment in such entities. The problem statement in this study was that Randwater is unable to realise full value of the investment in IT/IS because there is misalignment between IT objectives or deliverables and the corporate objectives. This study sought to identify a suitable framework which meets the ICT policy criteria as set out by the DPSA, which will facilitate the alignment between corporate objectives and IT/IS objectives at Randwater. This was achieved through the development and refinement of the artefact through the various iteration phases. Additionally, an online survey was used to collect data from a focus group comprising IT experts and senior management at Randwater. The Information Technology Governance Institute Framework was employed to assist in the development of the questions. The survey results were utilised during the validation of the artefact produced by this research study in a workshop. The findings were then linked with the related literature which either supported or rejected the findings through discussions on the literature and thereafter conclusions were made based on these findings. Furthermore, a literature review was conducted to gain a better understanding of what has been done in the field of research in order to assist in defining the problem that this research seeks to solve so as to inform the development of design characteristics. The research process employed the Nelson Mandela University – Design Science Strategy Methodology referred to as (NMU – DSSM) with the goal of developing an artefact in the form of a framework. The research process entailed studying the existing literature and analysing the aspects relating to corporate governance, IT governance, frameworks, and strategies to be able to measure the degree of alignment. The phases of designing the artefact were analysis, design, evaluate, validate and diffuse phases. The final artefact developed was a framework that incorporated the principles of King IV and ISO 38500 in corporate governance and ICT goals alignment. The final artefact also embedded transparency, accountability and security as important elements in the implementation of the artefact. The survey findings were instrumental in the development of the artefact that brings alignment between business strategy and IT objectives at Randwater. From the findings, in terms of IT flexibility, it was revealed that the interrelated parts of the system at Randwater were modular. It was also concluded that there is lack of communication about the manner in which the components of the information systems are organised and integrated in order to allow for rapid changes and that the organisational IT infrastructure and applications were loosely coupled. The findings further revealed that the business had established corporate rules and standards for hardware and operating systems to ensure platform compatibility. It was also revealed that organisational IT applications were developed based on compliance guidelines. In terms of IT-enabled dynamic capabilities, it was revealed that IT systems at Randwater are not capable of scanning the environment and identifying new business opportunities and are not capable of anticipating discontinuities arising in the business domain by developing greater reactive and proactive strength. It was also revealed that it was concluded that IT systems were capable of achieving strategic alignment between IT flexibility and dynamic capabilities. Therefore, design science was the ideal research paradigm towards addressing the research problem and the artefact designed was a viable research contribution. The significance of the study was that it contributed to the development of technology-based solutions to an important and relevant business problem of alignment of business strategy to IT goals. The design evaluation, the utility, quality, and efficacy of the final design artefact was rigorously demonstrated via well-executed evaluation methods. The study also contributed to the literature
- Full Text:
- Date Issued: 2020
- Authors: Sigasa, Moshane Lydia
- Date: 2020
- Subjects: Business enterprises -- Computer networks -- Security measures , Data protection Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47156 , vital:39818
- Description: The South African Government has institutionalised a Corporate Governance of ICT Policy Framework which was developed by Department of Public Service and Administration (DPSA). The framework has adopted some elements of KING III, ISO 38500 and COBIT. Consequently, it is now a requirement by the South African Government that all its entities must adopt this framework. Nevertheless, it is not clear how government has emphasised this alignment in such entities. The problem statement in this study was that Randwater is unable to realise full value of the investment in IT/IS because there is misalignment between IT objectives or deliverables and the corporate objectives. This study sought to identify a suitable framework which meets the ICT policy criteria as set out by the DPSA, which will facilitate the alignment between corporate objectives and IT/IS objectives at Randwater. This was achieved through the development and refinement of the artefact through the various iteration phases. Additionally, an online survey was used to collect data from a focus group comprising IT experts and senior management at Randwater. The Information Technology Governance Institute Framework was employed to assist in the development of the questions. The survey results were utilised during the validation of the artefact produced by this research study in a workshop. The findings were then linked with the related literature which either supported or rejected the findings through discussions on the literature and thereafter conclusions were made based on these findings. Furthermore, a literature review was conducted to gain a better understanding of what has been done in the field of research in order to assist in defining the problem that this research seeks to solve so as to inform the development of design characteristics. The research process employed the Nelson Mandela University – Design Science Strategy Methodology referred to as (NMU – DSSM) with the goal of developing an artefact in the form of a framework. The research process entailed studying the existing literature and analysing the aspects relating to corporate governance, IT governance, frameworks, and strategies to be able to measure the degree of alignment. The phases of designing the artefact were analysis, design, evaluate, validate and diffuse phases. The final artefact developed was a framework that incorporated the principles of King IV and ISO 38500 in corporate governance and ICT goals alignment. The final artefact also embedded transparency, accountability and security as important elements in the implementation of the artefact. The survey findings were instrumental in the development of the artefact that brings alignment between business strategy and IT objectives at Randwater. From the findings, in terms of IT flexibility, it was revealed that the interrelated parts of the system at Randwater were modular. It was also concluded that there is lack of communication about the manner in which the components of the information systems are organised and integrated in order to allow for rapid changes and that the organisational IT infrastructure and applications were loosely coupled. The findings further revealed that the business had established corporate rules and standards for hardware and operating systems to ensure platform compatibility. It was also revealed that organisational IT applications were developed based on compliance guidelines. In terms of IT-enabled dynamic capabilities, it was revealed that IT systems at Randwater are not capable of scanning the environment and identifying new business opportunities and are not capable of anticipating discontinuities arising in the business domain by developing greater reactive and proactive strength. It was also revealed that it was concluded that IT systems were capable of achieving strategic alignment between IT flexibility and dynamic capabilities. Therefore, design science was the ideal research paradigm towards addressing the research problem and the artefact designed was a viable research contribution. The significance of the study was that it contributed to the development of technology-based solutions to an important and relevant business problem of alignment of business strategy to IT goals. The design evaluation, the utility, quality, and efficacy of the final design artefact was rigorously demonstrated via well-executed evaluation methods. The study also contributed to the literature
- Full Text:
- Date Issued: 2020
A model for the detection of breast cancer using machine learning and thermal images in a mobile environment
- Authors: Lennox, Nicholas
- Date: 2020
- Subjects: Breast -- Cancer -- Imaging , Breast -- Imaging Mobile communication systems
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/46097 , vital:39492
- Description: Breast cancer is the most common cancer amongst women and one of the deadliest. Various modalities exist which image the breasts, all with a focus on early detection; thermography is one such method. It is a non-invasive test, which is safe and can be used for a wide variety of breast densities. It functions by analysing thermal patterns captured via an infrared camera of the surface of the breast. Advances in infrared and mobile technology enable this modality to be mobile based; allowing a high degree of portability at a lower cost. Furthermore, as technology has improved, machine learning has played a larger role in medical practices by offering unbiased, consistent, and timely second opinions. Machine learning algorithms are able to classify medical images automatically if offered in the correct format. This study aims to provide a model, which integrates breast cancer detection, thermal imaging, machine learning, and mobile technology. The conceptual model is theorised from three literature studies regarding: identifiable aspects of breast cancer through thermal imaging, the mobile ecosystem, and classification using machine learning algorithms. The model is implemented and evaluated using an experiment designed to classify automatically thermal breast images of the same quality that mobile attachable thermal cameras are able to capture. The experiment contrasts various combinations of segmentation methods, extracted features, and classification algorithms. Promising results were shown in the experiment with a high degree of accuracy obtained. The successful results obtained from the experimentation process validates the feasibility of the model.
- Full Text:
- Date Issued: 2020
- Authors: Lennox, Nicholas
- Date: 2020
- Subjects: Breast -- Cancer -- Imaging , Breast -- Imaging Mobile communication systems
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/46097 , vital:39492
- Description: Breast cancer is the most common cancer amongst women and one of the deadliest. Various modalities exist which image the breasts, all with a focus on early detection; thermography is one such method. It is a non-invasive test, which is safe and can be used for a wide variety of breast densities. It functions by analysing thermal patterns captured via an infrared camera of the surface of the breast. Advances in infrared and mobile technology enable this modality to be mobile based; allowing a high degree of portability at a lower cost. Furthermore, as technology has improved, machine learning has played a larger role in medical practices by offering unbiased, consistent, and timely second opinions. Machine learning algorithms are able to classify medical images automatically if offered in the correct format. This study aims to provide a model, which integrates breast cancer detection, thermal imaging, machine learning, and mobile technology. The conceptual model is theorised from three literature studies regarding: identifiable aspects of breast cancer through thermal imaging, the mobile ecosystem, and classification using machine learning algorithms. The model is implemented and evaluated using an experiment designed to classify automatically thermal breast images of the same quality that mobile attachable thermal cameras are able to capture. The experiment contrasts various combinations of segmentation methods, extracted features, and classification algorithms. Promising results were shown in the experiment with a high degree of accuracy obtained. The successful results obtained from the experimentation process validates the feasibility of the model.
- Full Text:
- Date Issued: 2020
A strategic approach towards the successful implementation of corporate governance of Information and Communication Technology in the Kwazulu-Natal Department of Social Development
- Authors: Siziba, Makabongwe Johnson
- Date: 2020
- Subjects: Corporate governance -- South Africa -- KwaZulu-Natal -- Management Information technology -- Management -- South Africa -- KwaZulu-Natal
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49617 , vital:41741
- Description: Information is a critical asset in any organisation and its management, including the associated technological channels, requires the attention of decision-makers to ensure that information assets are utilised for the intended purposes. Therefore, decision-makers need to have appropriate governance oversight on technology that produces information and information itself. Over the years, the governance of ICT has been adopted in the public sector given the fact that state funding received from tax collections is utilised to invest in IT solutions with the intention of expediting service delivery and increase productivity. The purpose of this treatise was to identify the root causes of why the department is not implementing Corporate Governance of ICT successfully despite the fact that most good controls do exist. The research revealed that there is insufficient budget to implement ICT projects coupled with inadequate ICT staff to implement ICT strategy. Furthermore, it cited a lack of ICT governance skills with ICT Strategic Committee members who are tasked with pioneering ICT governance. This weakness relates directly to other identified weaknesses such as end-user resistance to adopt ICT projects and a lack of project management function in the department.
- Full Text:
- Date Issued: 2020
- Authors: Siziba, Makabongwe Johnson
- Date: 2020
- Subjects: Corporate governance -- South Africa -- KwaZulu-Natal -- Management Information technology -- Management -- South Africa -- KwaZulu-Natal
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49617 , vital:41741
- Description: Information is a critical asset in any organisation and its management, including the associated technological channels, requires the attention of decision-makers to ensure that information assets are utilised for the intended purposes. Therefore, decision-makers need to have appropriate governance oversight on technology that produces information and information itself. Over the years, the governance of ICT has been adopted in the public sector given the fact that state funding received from tax collections is utilised to invest in IT solutions with the intention of expediting service delivery and increase productivity. The purpose of this treatise was to identify the root causes of why the department is not implementing Corporate Governance of ICT successfully despite the fact that most good controls do exist. The research revealed that there is insufficient budget to implement ICT projects coupled with inadequate ICT staff to implement ICT strategy. Furthermore, it cited a lack of ICT governance skills with ICT Strategic Committee members who are tasked with pioneering ICT governance. This weakness relates directly to other identified weaknesses such as end-user resistance to adopt ICT projects and a lack of project management function in the department.
- Full Text:
- Date Issued: 2020
A strategy to motivate continued instructor usage of learning management systems (LMSS) in higher learning institutions of Zimbabwe
- Authors: Siwela, Ndukuyenkosi
- Date: 2020
- Subjects: Web-based instruction , Computer systems Organizational learning -- Zimbabwe Internet in education
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47259 , vital:39837
- Description: The purpose of this study was to develop a strategy to motivate continued usage of Learning Management Systems in higher learning institutions of Zimbabwe. A related goal was to identify unique challenges experienced by instructors in their use of LMSs. The use of LMSs is now global and has been fairly successful in developed countries even though past research shows that instructors tend to discontinue usage over a period of time. Whereas most LMSs research is carried in the context of the developed world, the candidate demonstrates that Vantankesh's IS Success Model and Davis' Technology Acceptance Model can be successfully replicated into the developing world on condition that local environment is taken into context. The results showed that LMSs in Zimbabwe higher learning institutions hold a promise of success even though challenges exist. The findings have wider implications on the need to invest in neccessary infrustructure and future predictions on learner interests. The study demonstrates that shared success can be achieved if the local conditions are taken into context when developing a strategy to motivate instructor continued LMS usage. The study holds the practical implication that institutions can motivate instructors to continue with usage of LMSs to deliver quality output in their daily duties.
- Full Text:
- Date Issued: 2020
- Authors: Siwela, Ndukuyenkosi
- Date: 2020
- Subjects: Web-based instruction , Computer systems Organizational learning -- Zimbabwe Internet in education
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47259 , vital:39837
- Description: The purpose of this study was to develop a strategy to motivate continued usage of Learning Management Systems in higher learning institutions of Zimbabwe. A related goal was to identify unique challenges experienced by instructors in their use of LMSs. The use of LMSs is now global and has been fairly successful in developed countries even though past research shows that instructors tend to discontinue usage over a period of time. Whereas most LMSs research is carried in the context of the developed world, the candidate demonstrates that Vantankesh's IS Success Model and Davis' Technology Acceptance Model can be successfully replicated into the developing world on condition that local environment is taken into context. The results showed that LMSs in Zimbabwe higher learning institutions hold a promise of success even though challenges exist. The findings have wider implications on the need to invest in neccessary infrustructure and future predictions on learner interests. The study demonstrates that shared success can be achieved if the local conditions are taken into context when developing a strategy to motivate instructor continued LMS usage. The study holds the practical implication that institutions can motivate instructors to continue with usage of LMSs to deliver quality output in their daily duties.
- Full Text:
- Date Issued: 2020
A vision based multirotor aircraft for use in the security industry
- Authors: Nelson, Benjamin David
- Date: 2020
- Subjects: Drone aircraft -- South Africa , Mechatronics -- Research
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/46816 , vital:39664
- Description: This research consisted of developing a vision based multirotor aircraft that could be used in the security industry. A second-hand aircraft was purchased and modified. The aircraft made use of a Pixhawk flight controller and a Odroid XU4 companion computer, which resulted in the computer injecting commands into the flight controller. Robot Operating System was installed and used on the companion computer to integrate the vision system and the aircraft. The vision system was designed to help develop a landing system where the aircraft would land on an ArUco marker. The vision system also allowed the aircraft to detect and follow humans. A Software in the Loop (SITL) was run alongside Gazebo, allowing the developed landing system and the human detecting system to be simulated and tested. The developed landing system was implemented on the aircraft, where the developed landing system was tested and compared to the aircraft’s current GPS based landing system. The developed landing system obtained a better overall accuracy , while also taking longer to land the aircraft compared to the GPS based landing system. There were also numerous manual and autonomous test flights implemented on the aircraft.
- Full Text:
- Date Issued: 2020
- Authors: Nelson, Benjamin David
- Date: 2020
- Subjects: Drone aircraft -- South Africa , Mechatronics -- Research
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/46816 , vital:39664
- Description: This research consisted of developing a vision based multirotor aircraft that could be used in the security industry. A second-hand aircraft was purchased and modified. The aircraft made use of a Pixhawk flight controller and a Odroid XU4 companion computer, which resulted in the computer injecting commands into the flight controller. Robot Operating System was installed and used on the companion computer to integrate the vision system and the aircraft. The vision system was designed to help develop a landing system where the aircraft would land on an ArUco marker. The vision system also allowed the aircraft to detect and follow humans. A Software in the Loop (SITL) was run alongside Gazebo, allowing the developed landing system and the human detecting system to be simulated and tested. The developed landing system was implemented on the aircraft, where the developed landing system was tested and compared to the aircraft’s current GPS based landing system. The developed landing system obtained a better overall accuracy , while also taking longer to land the aircraft compared to the GPS based landing system. There were also numerous manual and autonomous test flights implemented on the aircraft.
- Full Text:
- Date Issued: 2020
Adaptive Neuro-Fuzzy Inference System modelling of surface topology in ultra-high precision diamond turning of rapidly solidified aluminium grade (RSA 443)
- Authors: Zvikomborero, Hweju
- Date: 2020
- Subjects: Mechatronics Surface roughness -- Measurement
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/49441 , vital:41721
- Description: Surface roughness prediction is a crucial stage during product manufacturing since it acts as a quality indicator. This investigative research thesis presents an online surface roughness prediction, based on the Adaptive Neuro-Fuzzy Inference System (ANFIS) model during Ultra-High Precision Diamond Turning (UHPDT) of Rapidly Solidified Aluminium (RSA-443) using water and kerosene as coolants. Based on the Taguchi L9 orthogonal array, the cutting parameters (spindle speed, depth of cut and feed rate) are varied at three levels. Acoustic Emission (AE) signals are detected during the UHPDT process using a piezoelectric sensor. Spindle speed, depth of cut, feed rate, AE root mean square, prominent frequency and peak rate are considered as model inputs in this thesis. The experimental results reveal that a better surface finish is obtained using water coolant in comparison to kerosene coolant. Mean Absolute Percentage Error (MAPE) based comparison between ANFIS and Response Surface Method (RSM) is carried out. In this study, the ANFIS model has a prediction accuracy of 79.42% and 69.40% on water-based and kerosene-based results respectively. The RSM model yields higher prediction accuracies of 98.59% and 95.55% on water-based and kerosene-based results respectively.
- Full Text:
- Date Issued: 2020
- Authors: Zvikomborero, Hweju
- Date: 2020
- Subjects: Mechatronics Surface roughness -- Measurement
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/49441 , vital:41721
- Description: Surface roughness prediction is a crucial stage during product manufacturing since it acts as a quality indicator. This investigative research thesis presents an online surface roughness prediction, based on the Adaptive Neuro-Fuzzy Inference System (ANFIS) model during Ultra-High Precision Diamond Turning (UHPDT) of Rapidly Solidified Aluminium (RSA-443) using water and kerosene as coolants. Based on the Taguchi L9 orthogonal array, the cutting parameters (spindle speed, depth of cut and feed rate) are varied at three levels. Acoustic Emission (AE) signals are detected during the UHPDT process using a piezoelectric sensor. Spindle speed, depth of cut, feed rate, AE root mean square, prominent frequency and peak rate are considered as model inputs in this thesis. The experimental results reveal that a better surface finish is obtained using water coolant in comparison to kerosene coolant. Mean Absolute Percentage Error (MAPE) based comparison between ANFIS and Response Surface Method (RSM) is carried out. In this study, the ANFIS model has a prediction accuracy of 79.42% and 69.40% on water-based and kerosene-based results respectively. The RSM model yields higher prediction accuracies of 98.59% and 95.55% on water-based and kerosene-based results respectively.
- Full Text:
- Date Issued: 2020
An indirectly controlled high-speed servo valve using piezo actuators
- Authors: Behre, Leander
- Date: 2015
- Subjects: Piezoelectric materials Piezoelectric devices -- Materials , Internal combustion engines Mechatronics Automation
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/50099 , vital:42040
- Description: Since the exhaust emissions legislation for motor vehicles with combustion engines is complicating the manufacturing of environmental yet powerful engines more than ever, automobile manufacturers have approached this challenge by means of downsizing, hybridization of combustion and electric engines and variable valve opening times. In these cases conventional, mechanical valve trains are still used. The subject of this master thesis is the development of a mechatronic control unit as replacement for the camshaft driven valve train of common combustion engines. The system’s aim is a contribution to the progression of the development of modern combustion engines satisfying current demands in terms of economy and efficiency. The developed system is based on the “Full Variable Valve Train” project, founded at the “Institute of Vehicle Construction Wolfsburg” at the “Ostfalia University of Applied Sciences”. An indirectly controlled high speed servo valve that is actuated by a piezoelectric actuator and pressurized hydraulic fluid is being developed. The overall aim is to obtain advantages from a control engineering perspective, being able to reduce the size of the used piezo actuator and hence solve the packaging and regulation issues of the overall system. After manufacturing and improvement activities, a system could be developed that allows a variable control of the engine valve movement. The best results are achieved using a rectangular function for the engine valve actuator. The system allows engine valve operation independent from the crankshaft position and shows the potential to generate higher engine torque and power output while decreasing fuel consumption and emissions at the same time.
- Full Text:
- Date Issued: 2015
- Authors: Behre, Leander
- Date: 2015
- Subjects: Piezoelectric materials Piezoelectric devices -- Materials , Internal combustion engines Mechatronics Automation
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/50099 , vital:42040
- Description: Since the exhaust emissions legislation for motor vehicles with combustion engines is complicating the manufacturing of environmental yet powerful engines more than ever, automobile manufacturers have approached this challenge by means of downsizing, hybridization of combustion and electric engines and variable valve opening times. In these cases conventional, mechanical valve trains are still used. The subject of this master thesis is the development of a mechatronic control unit as replacement for the camshaft driven valve train of common combustion engines. The system’s aim is a contribution to the progression of the development of modern combustion engines satisfying current demands in terms of economy and efficiency. The developed system is based on the “Full Variable Valve Train” project, founded at the “Institute of Vehicle Construction Wolfsburg” at the “Ostfalia University of Applied Sciences”. An indirectly controlled high speed servo valve that is actuated by a piezoelectric actuator and pressurized hydraulic fluid is being developed. The overall aim is to obtain advantages from a control engineering perspective, being able to reduce the size of the used piezo actuator and hence solve the packaging and regulation issues of the overall system. After manufacturing and improvement activities, a system could be developed that allows a variable control of the engine valve movement. The best results are achieved using a rectangular function for the engine valve actuator. The system allows engine valve operation independent from the crankshaft position and shows the potential to generate higher engine torque and power output while decreasing fuel consumption and emissions at the same time.
- Full Text:
- Date Issued: 2015
An internal audit expectation gap: South African Revenue Services project audit engagements
- Authors: Sekhwela, Mmanapo Bella
- Date: 2020
- Subjects: Electronic data processing -- Auditing , Business enterprises -- Computer networks -- Security measures Information technology -- Security measures Computer security
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47139 , vital:39815
- Description: South African Revenue Services (SARS) was established as a quasi-government organisation with a mandate to efficiently and effectively collect revenue based on the export, import, movement, manufacture and storage of specific goods. Information Technology (IT) governance is strategically important to SARS in that its business processes are technology driven and that technology projects are implemented to support the SARS strategic objectives. In alignment to the King code for corporate governance and ethical business practices, an Internal Audit Function (IAF) as a regulatory requirement of all public sector entities in South Africa exists at SARS. The aim of the research was to evaluate the perspectives of SARS stakeholders regarding the organisation’s IT project auditing process. The study focused on gathering data from various SARS stakeholders involved in the delivery of IT projects and IT projects auditing. Through a qualitative research approach, interviews were conducted with practitioners such as Internal Auditors, Internal Audit managers, and executives as well as project managers and ownersso asto obtain a holistic understanding of stakeholder expectations of an IT project audit. An analysis of the data collected led to the deduction of recommendations meant to enhance stakeholder perceptions of the IT audit function within SARS. The study found that there is a perceived value derived from IA reviews of IT projects. The findings also revealed that rather than lack of resources and expertise, skill set deficiencies were the major setback in achieving IA goals. The findings further revealed that there are deficiencies in the quality of IA reports. Some of the main recommendations were to expand the scope of the Internal Audit roles, intensify engagements of Internal Audits by the Enterprise Project Management Office (EPMO), improve the quality of reports, and capacitate Internal Auditors with reporting skills. This study presents a modest contribution that is expected to enrich knowledge on how to audit IT projects. Moreover, the study contributes towards a methodological position of design science by producing results from a smaller sample augmented by interview results in an environment characterised by smaller populations so that inferences can be made.
- Full Text:
- Date Issued: 2020
- Authors: Sekhwela, Mmanapo Bella
- Date: 2020
- Subjects: Electronic data processing -- Auditing , Business enterprises -- Computer networks -- Security measures Information technology -- Security measures Computer security
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/47139 , vital:39815
- Description: South African Revenue Services (SARS) was established as a quasi-government organisation with a mandate to efficiently and effectively collect revenue based on the export, import, movement, manufacture and storage of specific goods. Information Technology (IT) governance is strategically important to SARS in that its business processes are technology driven and that technology projects are implemented to support the SARS strategic objectives. In alignment to the King code for corporate governance and ethical business practices, an Internal Audit Function (IAF) as a regulatory requirement of all public sector entities in South Africa exists at SARS. The aim of the research was to evaluate the perspectives of SARS stakeholders regarding the organisation’s IT project auditing process. The study focused on gathering data from various SARS stakeholders involved in the delivery of IT projects and IT projects auditing. Through a qualitative research approach, interviews were conducted with practitioners such as Internal Auditors, Internal Audit managers, and executives as well as project managers and ownersso asto obtain a holistic understanding of stakeholder expectations of an IT project audit. An analysis of the data collected led to the deduction of recommendations meant to enhance stakeholder perceptions of the IT audit function within SARS. The study found that there is a perceived value derived from IA reviews of IT projects. The findings also revealed that rather than lack of resources and expertise, skill set deficiencies were the major setback in achieving IA goals. The findings further revealed that there are deficiencies in the quality of IA reports. Some of the main recommendations were to expand the scope of the Internal Audit roles, intensify engagements of Internal Audits by the Enterprise Project Management Office (EPMO), improve the quality of reports, and capacitate Internal Auditors with reporting skills. This study presents a modest contribution that is expected to enrich knowledge on how to audit IT projects. Moreover, the study contributes towards a methodological position of design science by producing results from a smaller sample augmented by interview results in an environment characterised by smaller populations so that inferences can be made.
- Full Text:
- Date Issued: 2020
An IT Risk Management Framework for provincial business entities : a case study for Limpopo Economic Development Agency, Limpopo Province, South Africa
- Authors: Mabitsela, Ngoakoana Unity
- Date: 2020
- Subjects: Risk management -- South Africa -- Limpopo Business enterprises -- Computer networks -- Security measures -- South Africa -- Limpopo , Information technology -- Security measures -- South Africa -- Limpopo
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49463 , vital:41723
- Description: This study focused on a lack of an Information Technology Risk Management (ITRM) framework tailored for provincial business entities to assist with the management of IT risks. The research was aimed at developing a tailored IT risk management framework that would assist provincial business entities with an effective ITRM process. This was achieved through identifying factors that constitute an ITRM framework, determining the current IT risk management methods used in provincial business entities and assessing the IT risk culture. This research study was conducted at the Limpopo Economic Development Agency (LEDA), which is a provincial business entity in the Limpopo province. The objectives of the study were accomplished using a design science research approach which involved the creation of an artefact and design theory as a means to improve the current state of practice as well as existing research knowledge about provincial business entities and their management of IT risks. The Nelson Mandela University Design Science Methodology Framework (NMU-DSFM) was identified as the methodology to be followed to devise the contribution in the form of an artefact. It was found that the organisation does not have a positive IT risk culture. From the study of the data analysis performed, it was evident that provincial business entities have challenges associated with adequately identifying IT risks. The findings highlighted that for the proper management of risks, risk governance should be effective by ensuring that the board of directors takes the responsibility of IT risk management, and the essentials of risk governance were discussed at length. The research output for this study was a framework. The adoption of this framework may positively contribute to strengthening governance of IT risk management in the provincial business entities. Best practices were highlighted for ease of reference to determine what is required and how to implement this regarding IT risk management.
- Full Text:
- Date Issued: 2020
- Authors: Mabitsela, Ngoakoana Unity
- Date: 2020
- Subjects: Risk management -- South Africa -- Limpopo Business enterprises -- Computer networks -- Security measures -- South Africa -- Limpopo , Information technology -- Security measures -- South Africa -- Limpopo
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/49463 , vital:41723
- Description: This study focused on a lack of an Information Technology Risk Management (ITRM) framework tailored for provincial business entities to assist with the management of IT risks. The research was aimed at developing a tailored IT risk management framework that would assist provincial business entities with an effective ITRM process. This was achieved through identifying factors that constitute an ITRM framework, determining the current IT risk management methods used in provincial business entities and assessing the IT risk culture. This research study was conducted at the Limpopo Economic Development Agency (LEDA), which is a provincial business entity in the Limpopo province. The objectives of the study were accomplished using a design science research approach which involved the creation of an artefact and design theory as a means to improve the current state of practice as well as existing research knowledge about provincial business entities and their management of IT risks. The Nelson Mandela University Design Science Methodology Framework (NMU-DSFM) was identified as the methodology to be followed to devise the contribution in the form of an artefact. It was found that the organisation does not have a positive IT risk culture. From the study of the data analysis performed, it was evident that provincial business entities have challenges associated with adequately identifying IT risks. The findings highlighted that for the proper management of risks, risk governance should be effective by ensuring that the board of directors takes the responsibility of IT risk management, and the essentials of risk governance were discussed at length. The research output for this study was a framework. The adoption of this framework may positively contribute to strengthening governance of IT risk management in the provincial business entities. Best practices were highlighted for ease of reference to determine what is required and how to implement this regarding IT risk management.
- Full Text:
- Date Issued: 2020
Analytical evaluation of the effect of aggregate variation on Asphalt Mixture Properties
- Authors: Van Eck, Elandre
- Date: 2020
- Subjects: Aggregates (Building materials)
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/49639 , vital:41743
- Description: This research study aimed to conduct an analytical evaluation of the effect of aggregate grading on the properties of asphalt mixtures. This was achieved by obtaining asphalt mix designs from approved civil engineering organisations and determining the relationship between the aggregate grading and the corresponding properties of the asphalt mix designs.
- Full Text: false
- Date Issued: 2020
- Authors: Van Eck, Elandre
- Date: 2020
- Subjects: Aggregates (Building materials)
- Language: English
- Type: Thesis , Masters , MEng
- Identifier: http://hdl.handle.net/10948/49639 , vital:41743
- Description: This research study aimed to conduct an analytical evaluation of the effect of aggregate grading on the properties of asphalt mixtures. This was achieved by obtaining asphalt mix designs from approved civil engineering organisations and determining the relationship between the aggregate grading and the corresponding properties of the asphalt mix designs.
- Full Text: false
- Date Issued: 2020
Applying blockchain technology to aspects of electronic health records in South Africa: lessons learnt
- Authors: Adlam, Ryno
- Date: 2020
- Subjects: Blockchains (Databases) , Database security Data protection Medical records -- Data processing
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/45996 , vital:39405
- Description: The purpose of this study was to explore the applicability of blockchain technology as a viable alternative for the secure storage and distribution of electronic health records in a South African context. The adoption of electronic health records (EHRs) has grown over recent years. Electronic health records (EHRs) can be seen as electronic versions of patients’ medical history. EHRs promise benefits such as improving the quality of care, reducing medical errors, reducing costs, saving time, and enhancing the availability and sharing of medical records. Blockchain, in simple terms, could be seen as a distributed database controlled by a group of individuals. Blockchain technology differs from other distributed ledger technology by bundling unrelated data into blocks that are chained together in a linked-list manner, hence the name blockchain. Blockchain technology strives to provide desirable features, such as decentralization, immutability, audibility, and transparency. EHRs are traditionally constructed with a cloud-based infrastructure to promote the storing and distribution of medical records. These medical records are commonly stored in a centralized architecture, such as a relational database. The centralized architecture employed by EHRs may present a single point of failure. These kinds of failures may lead to data-breaches. The cloud-based infrastructure is effective and efficient from an availability standpoint. The increased availability of electronic health records has brought forth challenges related to the security and privacy of the patient’s medical records. The sensitive nature of EHRs attracts the attention of cyber-criminals. There has been a rise in the number of data breaches related to electronic health records. The traditional infrastructure used by electronic health records can no longer ensure the privacy and security of patient’s medical records. To determine whether blockchain is a viable alternative to these approaches, the main objective of this study was to compile a technical report on the applicability of aspects of blockchain technology to the secure storage and distribution of electronic health records. The study first conducted a literature review to gather background on the current state of electronic health records and blockchain technology. The results of the literature review were used to compile an initial report. Experiments were conducted with various aspects of blockchain technology to build a technical baseline and to ultimately validate the initial report. The insights gained from the experiments served to refine the initial report into a final technical report. The final deliverable of this study was to devise a technical report. The technical report serves as a generalized overview of the applicability of blockchain technology as a secure storage and distribution mechanism for electronic health records. The main topics covered by the technical report to outline the applicability of blockchain technology to EHRs are as follows: authentication, authorization, audit log, storage and transactions. The insights gained from the study illustrate that permissioned blockchain technology can enhance the traditional AAA security scheme employed by traditional EHRs. The AAA security scheme entails the use of certificate-based authentication and attributebased access control for authorization. Audit logs can be stored in a semi-decentralized architecture that can enhance the security and privacy of audit logs. Using blockchain technology for storing electronic health records might not be a viable alternative to traditional EHRs architecture. Blockchain technology violates certain privacy regulations as information is stored in a permanent manner. Furthermore, blockchain technology is not optimized for dealing with large volumes of data. However, blockchain technology could be used to store a cryptographic hash of electronic health records to ensure the integrity of records. Permissioned blockchain technology can enhance the EHRs transaction process by transacting health records in a peer-to-peer infrastructure. In doing so, the above-mentioned AAA security scheme can enhance the security, confidentiality, and integrity of electronic health records shared across organizational bounds.
- Full Text:
- Date Issued: 2020
- Authors: Adlam, Ryno
- Date: 2020
- Subjects: Blockchains (Databases) , Database security Data protection Medical records -- Data processing
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/45996 , vital:39405
- Description: The purpose of this study was to explore the applicability of blockchain technology as a viable alternative for the secure storage and distribution of electronic health records in a South African context. The adoption of electronic health records (EHRs) has grown over recent years. Electronic health records (EHRs) can be seen as electronic versions of patients’ medical history. EHRs promise benefits such as improving the quality of care, reducing medical errors, reducing costs, saving time, and enhancing the availability and sharing of medical records. Blockchain, in simple terms, could be seen as a distributed database controlled by a group of individuals. Blockchain technology differs from other distributed ledger technology by bundling unrelated data into blocks that are chained together in a linked-list manner, hence the name blockchain. Blockchain technology strives to provide desirable features, such as decentralization, immutability, audibility, and transparency. EHRs are traditionally constructed with a cloud-based infrastructure to promote the storing and distribution of medical records. These medical records are commonly stored in a centralized architecture, such as a relational database. The centralized architecture employed by EHRs may present a single point of failure. These kinds of failures may lead to data-breaches. The cloud-based infrastructure is effective and efficient from an availability standpoint. The increased availability of electronic health records has brought forth challenges related to the security and privacy of the patient’s medical records. The sensitive nature of EHRs attracts the attention of cyber-criminals. There has been a rise in the number of data breaches related to electronic health records. The traditional infrastructure used by electronic health records can no longer ensure the privacy and security of patient’s medical records. To determine whether blockchain is a viable alternative to these approaches, the main objective of this study was to compile a technical report on the applicability of aspects of blockchain technology to the secure storage and distribution of electronic health records. The study first conducted a literature review to gather background on the current state of electronic health records and blockchain technology. The results of the literature review were used to compile an initial report. Experiments were conducted with various aspects of blockchain technology to build a technical baseline and to ultimately validate the initial report. The insights gained from the experiments served to refine the initial report into a final technical report. The final deliverable of this study was to devise a technical report. The technical report serves as a generalized overview of the applicability of blockchain technology as a secure storage and distribution mechanism for electronic health records. The main topics covered by the technical report to outline the applicability of blockchain technology to EHRs are as follows: authentication, authorization, audit log, storage and transactions. The insights gained from the study illustrate that permissioned blockchain technology can enhance the traditional AAA security scheme employed by traditional EHRs. The AAA security scheme entails the use of certificate-based authentication and attributebased access control for authorization. Audit logs can be stored in a semi-decentralized architecture that can enhance the security and privacy of audit logs. Using blockchain technology for storing electronic health records might not be a viable alternative to traditional EHRs architecture. Blockchain technology violates certain privacy regulations as information is stored in a permanent manner. Furthermore, blockchain technology is not optimized for dealing with large volumes of data. However, blockchain technology could be used to store a cryptographic hash of electronic health records to ensure the integrity of records. Permissioned blockchain technology can enhance the EHRs transaction process by transacting health records in a peer-to-peer infrastructure. In doing so, the above-mentioned AAA security scheme can enhance the security, confidentiality, and integrity of electronic health records shared across organizational bounds.
- Full Text:
- Date Issued: 2020
Applying the substitution augmentation modification redefinition model towards adoption of e-learning usage at Walter Sisulu University
- Authors: Mabona, Teoflax Anele
- Date: 2020
- Subjects: Educational technology -- South Africa Universities and colleges -- Computer-assisted instruction -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49474 , vital:41724
- Description: The adoption of e-learning by universities around the world has grown drastically during this time of the Fourth Industrial Revolution. Most universities implement the full utilisation of e-learning, conducting classes only by using online course delivery. Some universities still prefer a blended learning approach where classes are presented to students using both the traditional way of teaching and online e-learning platforms. Walter Sisulu University (WSU) is one of those universities that uses blended learning. The university started using this approach in 2009, through a partnership between WSU and the Netherlands for learning and teaching enhancement using e-learning. The adoption and usage of e-learning in universities is a challenge, which some researchers have investigated. This study aimed to apply the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to enhance the adoption of e-learning and its usage at WSU. To obtain results, a quantitative method using approaches, such as WiseUp logs, WiseUp e-learning usage publications, WSU e-learning documents and literature, was applied. The study, according to the WiseUp logs, found that the e-learning levels at the university were low. Using the WiseUp e-learning usage publications, revealed that the university was still having some challenges regarding the low usage of WiseUp. Some of the students were not aware of the WiseUp platform as they said the system was only shown to them once and never again for continuous training. Most lecturers’ challenge was that the system was time-consuming to upload online content. This study used the WSU e-learning documents to show that the institution employed some initiatives for the adoption and usage of WiseUp, such as the LTD (Learning Teaching Development) department orientating students about WiseUp, just after their registration. The study ‘s objective was achieved, which was to apply the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to enhance the adoption and usage of e-learning at WSU. The study applied the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to provide a clear understanding of WSU’s position in terms of e-learning adoption and usage. The overall result from the study showed that WSU was based mostly on the first three levels of teaching and learning integration into technology, and in the enhancement level of the Substitution; Augmentation; Modification; Redefinition (SAMR) Model. The researcher noted that much still needed to be done because the usage of the system was still very low but its integration into teaching and learning was positive.
- Full Text:
- Date Issued: 2020
- Authors: Mabona, Teoflax Anele
- Date: 2020
- Subjects: Educational technology -- South Africa Universities and colleges -- Computer-assisted instruction -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49474 , vital:41724
- Description: The adoption of e-learning by universities around the world has grown drastically during this time of the Fourth Industrial Revolution. Most universities implement the full utilisation of e-learning, conducting classes only by using online course delivery. Some universities still prefer a blended learning approach where classes are presented to students using both the traditional way of teaching and online e-learning platforms. Walter Sisulu University (WSU) is one of those universities that uses blended learning. The university started using this approach in 2009, through a partnership between WSU and the Netherlands for learning and teaching enhancement using e-learning. The adoption and usage of e-learning in universities is a challenge, which some researchers have investigated. This study aimed to apply the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to enhance the adoption of e-learning and its usage at WSU. To obtain results, a quantitative method using approaches, such as WiseUp logs, WiseUp e-learning usage publications, WSU e-learning documents and literature, was applied. The study, according to the WiseUp logs, found that the e-learning levels at the university were low. Using the WiseUp e-learning usage publications, revealed that the university was still having some challenges regarding the low usage of WiseUp. Some of the students were not aware of the WiseUp platform as they said the system was only shown to them once and never again for continuous training. Most lecturers’ challenge was that the system was time-consuming to upload online content. This study used the WSU e-learning documents to show that the institution employed some initiatives for the adoption and usage of WiseUp, such as the LTD (Learning Teaching Development) department orientating students about WiseUp, just after their registration. The study ‘s objective was achieved, which was to apply the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to enhance the adoption and usage of e-learning at WSU. The study applied the Substitution; Augmentation; Modification; Redefinition (SAMR) Model to provide a clear understanding of WSU’s position in terms of e-learning adoption and usage. The overall result from the study showed that WSU was based mostly on the first three levels of teaching and learning integration into technology, and in the enhancement level of the Substitution; Augmentation; Modification; Redefinition (SAMR) Model. The researcher noted that much still needed to be done because the usage of the system was still very low but its integration into teaching and learning was positive.
- Full Text:
- Date Issued: 2020
Best practices to address medical identity theft awareness : the case of South African medical aid members
- Authors: Ah Why, Brandon Lawrence
- Date: 2020
- Subjects: Medical records -- Access control -- South Africa Identity theft -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49396 , vital:41708
- Description: The prevalence of medical identity theft continues to increase. This is a concern for medical aid members within the South African private healthcare sector. Medical identity theft can be caused by various individuals, including internal and external role players. The deceptions involved in medical identity theft can affect medical aid members, the healthcare industry, and medical aids. Medical aid members remain unaware that they are victims of medical identity theft until they receive high medical bills or are notified by their healthcare providers. This research study focused on the lack of awareness of medical identity theft among medical aid members. The main objective of this research study was to propose best practices that can be used to address medical aid members’ awareness of medical identity theft in the South African private healthcare sector. Sub-objectives were used to achieve the main objective. The first sub-objective was to identify the parties causing and the parties affected by medical identity theft. The second sub-objective was to determine the level of medical identity theft awareness among medical aid members in the South African private healthcare sector. The third sub-objective was to identify best practices to address medical identity theft awareness. The methodology used by this exploratory research study included a convergent mixed method design, which was used to obtain quantitative and qualitative data. Data collection was completed using a literature review and a questionnaire. Data analysis and reporting made use of a qualitative content analysis, descriptive statistics, and logical argumentation. Respondents’ answers to a questionnaire about their experiences with medical identity theft provided insight into South African medical aid members’ awareness of medical identity theft. The data gathered from the respondents was analysed, and themes emerged that emphasised a lack of awareness of medical identity theft among South African medical aid members. Twenty-six pre-emptive and nine retroactive best practices to address medical identity theft awareness were identified from existing literature. These best practices were cross-referenced to determine their relevance to the list of concerns about medical identity theft that emanated from the survey completed by South African medical aid members.
- Full Text:
- Date Issued: 2020
- Authors: Ah Why, Brandon Lawrence
- Date: 2020
- Subjects: Medical records -- Access control -- South Africa Identity theft -- South Africa
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/49396 , vital:41708
- Description: The prevalence of medical identity theft continues to increase. This is a concern for medical aid members within the South African private healthcare sector. Medical identity theft can be caused by various individuals, including internal and external role players. The deceptions involved in medical identity theft can affect medical aid members, the healthcare industry, and medical aids. Medical aid members remain unaware that they are victims of medical identity theft until they receive high medical bills or are notified by their healthcare providers. This research study focused on the lack of awareness of medical identity theft among medical aid members. The main objective of this research study was to propose best practices that can be used to address medical aid members’ awareness of medical identity theft in the South African private healthcare sector. Sub-objectives were used to achieve the main objective. The first sub-objective was to identify the parties causing and the parties affected by medical identity theft. The second sub-objective was to determine the level of medical identity theft awareness among medical aid members in the South African private healthcare sector. The third sub-objective was to identify best practices to address medical identity theft awareness. The methodology used by this exploratory research study included a convergent mixed method design, which was used to obtain quantitative and qualitative data. Data collection was completed using a literature review and a questionnaire. Data analysis and reporting made use of a qualitative content analysis, descriptive statistics, and logical argumentation. Respondents’ answers to a questionnaire about their experiences with medical identity theft provided insight into South African medical aid members’ awareness of medical identity theft. The data gathered from the respondents was analysed, and themes emerged that emphasised a lack of awareness of medical identity theft among South African medical aid members. Twenty-six pre-emptive and nine retroactive best practices to address medical identity theft awareness were identified from existing literature. These best practices were cross-referenced to determine their relevance to the list of concerns about medical identity theft that emanated from the survey completed by South African medical aid members.
- Full Text:
- Date Issued: 2020