The University has continued to embrace performance contracting as a strategy for achieving its overall goal of improving service delivery. Performance contracting is a service improvement tool that involves setting SMART objectives and clear targets. Through concerted efforts by the Directorate of Performance Contracting and ISO (DPCISO) and process owners, the University has ensured that performance targets are established, negotiated, vetted, and eventually cascaded to every department.
Targets are set on a yearly basis and a follow through made to ensure successful implementation. The University celebrated the attainment and re-certification of ISO 9001-2015 Quality Management System (QMS) in 2021. This was a demonstration of the University’s commitment to providing high-quality education. In turn, this would guarantee that graduates who are churned out are competent graduates and meet world standards.
During the 2021/22 financial year performance contract evaluation, the University improved its composite score. The annual evaluation is conducted by the Public Service Performance Management and Monitoring Unit which vets the performance of government institutions. The improved score is a demonstration of the commitment of the Council and Management to ensure quality services are offered to the University’s customers.
The re-certification was followed by a series of workshops. A sensitization workshop for top management was conducted. In January 2022, a documentation workshop was conducted. The workshops were geared towards demystifying the ISO system and getting users’ buying. DPCISO is able to check the efficiency and effectiveness of University processes through surveillance audits. The ISO system helps the University to recognize lapses and continually improve its processes. The system also helps the institution manage risks and to meet the needs and expectations of its customers and stakeholders.
The University is keen to improve its data security. Plans are at an advanced stage toward certification on the Information Security Management System (ISMS) standard. The system will protect and manage information based on a systematic business risk approach. Several trainings and sensitization meetings have been held targeting ISMS implementers, champions and internal auditors.
The adoption of the management systems is a strategic decision to ensure that the University offers quality services. It also ensures that the information security of the institution is enhanced.
Murang’a University of Technology (MUT) is pleased to announce the ISO/IEC 27001:2013 standard Certification. The University has been working towards the certification since 2021. This certification comes in recognition of the University’s successful establishment of an ISMS as part of MUT’s commitment to protecting the confidentiality, integrity and availability of information of all its members and stakeholders. The certification was issued by the Kenya Bureau of Standards (KEBS), an independent and accredited certification body based in Kenya, upon MUT’s successful completion of a formal audit process. KEBS verified and determined that our Information Security Management System (ISMS) is comprehensive and has met the rigorous international standards outlined by the ISO.
Stakeholders privacy and security are extremely important to us. In its effort to implement the system, the University has adopted a risk management-based approach to information security that empowers the administrative organs to oversee and control the handling of the information assets. The ISMS is made up of all the controls necessary to ensure that the University prudently protect the confidentiality, availability, and integrity of information assets from threats and vulnerabilities.
In addition to infrastructure, a proper ISMS is made up of people who perform roles and manage procedures, based on organisational policies. The MUT staff ensure that their practices comply with our documented policies and procedures. The University is committed to support a robust digital transformation strategy to further enhance information security, resiliency, and business continuity. In addition, the University Management will provide the necessary resources to implement, maintain, and continually improve the ISMS including the requirements for the assessment and treatment of information security risks.