[kictanet] Our Response to Systematic ICT Systems Failure at IEBC-just fix the laws/regulatory framework
Brian Munyao Longwe
blongwe at gmail.com
Wed Mar 13 12:46:03 EAT 2013
Hi Walu,
While I agree with you that laws and regualtions can address impropriety in
ICT systems procurement, development and operation, it is unlikely that
they can influence day to day practice.
I think that Harry is on the right track with the formation of a
specialized task force that is able to make supervisory skills,
professionalism and experience available to public service IT
implementations as well as provide "rapid relief" during crises.
Best regards,
Brian
cell: +254715964281
#*****TRON LIVES*****#
On Mar 13, 2013 10:36 AM, "Harry Delano" <harry at comtelsys.co.ke> wrote:
Hey Walu,****
** **
Very pertinent issues, these that you have raised.****
** **
Looking at the Framework we have ,it’s tough to see how we can sufficiently
address the issue we have at hand. At best we can only rely on what IEBC
will willingly share.. But we cannot****
compel them to do so. It is an independent body. Who has oversight on
independent bodies, other than the Judiciary..? At best Judiciary will
also have to rely on evidence. Who produces****
credible high quality tech evidence..?****
** **
Your response came in while I was mulling the idea of mooting a national IS
( Information Systems) Task force – maybe to be named KISTF (Kenya
Information Systems Task Force). This is****
in cognizance of the fact most systems are going digital in this
information age and without any independent supervisory framework, we may
have real issues handling the ensuing mayhem.****
** **
This body should have the capacity/powers to deal with/oversee/audit –
National IS systems – The procurement process, implementation and
operational matters as well as audits and ensure ****
good governance etc.****
** **
In fact now that we are aware that such an issue as the debacle at IEBC
would come back and bite us hard ( We the ICT fraternity), it is incumbent
upon us to lobby to be put in place the legal ****
framework that paves way for such a taskforce that should be independent,
professional, impartial, credible and with a national outlook, and of
course.****
** **
Where can we start..? Secretariat..?****
** **
Regards,****
Harry****
** **
*From:* kictanet [mailto:kictanet-bounces+harry=
comtelsys.co.ke at lists.kictanet.or.ke] *On Behalf Of *Walubengo J
*Sent:* Wednesday, March 13, 2013 9:24 AM
*To:* harry at comtelsys.co.ke
*Cc:* KICTAnet ICT Policy Discussions
*Subject:* Re: [kictanet] Our Response to Systematic ICT Systems Failure at
IEBC-just fix the laws/regulatory framework****
** **
Edith,
In Kenya there is NO explicit and compelling legal framework for auditing
Information Systems. The Kenya Comm. Act 2009 comes close but is too
general and restricted to telcos. Furthermore the details of how these
telcos are supposed to maintain security and integrity of their Infor
systems is *correctly* left out since this does require and independent
and substantive standolone legislation that touches on the role of an IT
savvy Judiciary, IT Savvy Prosecution, IT Savvy Investigators/Law
Enforcement and IT Savvy Organisastional Requirments (e.g being compelled
to do regular and report on IS Audits - more like we do for the Financial
Audits). So that is the ecosystem/framework that needs to kick in to
guarantee us some semblance of a secure information system
landscape/knowledge industry.
Serious companies (mainly blue chip banking, insurance, telcos, etc) do
Info System Audit either as best practice or as directed by their foreign
Headquarters' legal requirements. US/EU/Australia have specific laws
compelling companies to annually do and report on their Information Systems
Governance, Risks and Assurance.
In Kenya the closest we have come to having this framework is through the
repeated and still continuing attempts to have the Data Protection Bill,
the Freedom of Information Bill as well last years CCKs discussions on
eCommerce Regulations in palce. In all these exercises ISACA-Kenya (
www.isaca.or.ke) which is the local chapter for the international (
www.isaca.org) that deals with Information Systems Governance, Risks and
Assurance has been participating. So my take going forward is just fix
these laws and regulations and we can save ourselves the next election
fiasco in 2017.
Your never having heard of them (ISACA-Kenya) is because "tunatenda bila
kusema" (we do without saying :- ) just to rephrase the now famous slogan.
walu.
****
** **
------------------------------
*From:* Edith Adera <eadera at idrc.ca>
*To:* Walubengo J <jwalu at yahoo.com>
*Cc:* KICTAnet ICT Policy Discussions <kictanet at lists.kictanet.or.ke>
*Sent:* Tuesday, March 12, 2013 9:53 PM
*Subject:* RE: [kictanet] Our Response to Systematic ICT Systems Failure at
IEBC****
Walu,
What is the legal and institutional framework for auditing such mega
systems for public use? which is the standards body?
who would be responsible for carrying out such a public audit - afte action
review?
Never heard of ISACA-Kenya?
Edith
________________________________________
From: kictanet [kictanet-bounces+eadera=idrc.ca at lists.kictanet.or.ke] on
behalf of Walubengo J [jwalu at yahoo.com]
Sent: Tuesday, March 12, 2013 12:08 PM
To: Edith Adera
Cc: KICTAnet ICT Policy Discussions
Subject: Re: [kictanet] Our Response to Systematic ICT Systems Failure at
IEBC
+1,
@ Sam,
>From your pitch,
>>...are we saying that nobody in this list bid for this system? nobody
tried? ... doesn't that mean we are just talking ..... and talk is cheap.
am tempted to confess that indeed as a member of the ISACA-Kenya (the
information system audit community) I did get an invite to make a bid to
externally audit the election information system. But guess what, the
invite came on a Friday Feb 22nd and was due by that Monday 25th which
incidentally was then just 1week to the voting/election day. Assuming the
eventual IS Auditor (whoever it was) did find issues that needed more than
a week to fix?
My point which I have been singing all along, folks in Government and
related type of organisations know what needs to be done, they just never
get the complimentary and necessary support in a timely manner. So your
post-mortem must go beyond the technical and begin to address the
"organisational" context/issues.
walu.
________________________________
From: Sam Gichuru <gichuru at gmail.com>
To: jwalu at yahoo.com
Cc: KICTAnet ICT Policy Discussions <kictanet at lists.kictanet.or.ke>
Sent: Tuesday, March 12, 2013 6:45 PM
Subject: Re: [kictanet] Our Response to Systematic ICT Systems Failure at
IEBC
Edith,
I am one of those who suggested a full Audit of the system but only after
the elections and I am definitely looking forward to this weeks #140 Friday
with Brian, I hear people involved will be available for candid discussions.
What I am seeing and I stand to be corrected is the spectator syndrome,
when everything is ok and the international press highlight Kenya as a tech
destination, Mpesa is praised, Ushahidi and startups with all our Mvitus,
we celebrate, claim our team (#teamtech/ICT) is winning and write long blog
posts and gazillion tweets etc
This only last as long as nothing goes wrong, but when it does, suddenly
the conversation changes from "we" to "them", they have failed, they dint
consult, they dint test, they... not us. This is what most football
fans/Spectators do, they love their football team only when its winning,
which basically makes one wonder are we players or are we fans of this game?
But to bring this home, we have a bigger problem, if this community started
asking about the procurement process, the system architect and the
companies that were selected to implement the IEBC system only after it
failed, we are not engaging enough, are we saying that nobody in this list
bid for this system? nobody tried? ... doesn't that mean we are just
talking ..... and talk is cheap.
I would like to challenge the community to engage more with an aim to
problem solve, to tender and bid for local contracts, to build more open
source solutions, to fundraise with an aim to seed fund startups, if we
dont... we are going to be running around in circles and then move to
Rwanda and guess what we will all say ..... they dint do xyz...
Let ask Ourselves ... who is they?
On Tue, Mar 12, 2013 at 4:35 PM, Edith Adera <eadera at idrc.ca<mailto:
eadera at idrc.ca>> wrote:
Harry,
Not sure you were in Kenya or buried your head in the sand!
It’s a fact that the system did not work and IEBC had to revert to the
manual system as reported by the Chair of the IEBC on TV.
We need to learn to tell the truth as a country and confront our issues.
Someone suggested on this list, can’t remember who, that as an ICT
industry an audit should be carried out so we know what went wrong and
learn for the future.
Why do we always turn to the easy targets….tribalism, partisan interests
etc when hard questions are asked?
Edith
From: kictanet [mailto:kictanet-bounces+eadera<
mailto:kictanet-bounces%2Beadera <kictanet-bounces%2Beadera>>=
idrc.ca at lists.kictanet.or.ke<mailto:idrc.ca at lists.kictanet.or.ke>] On
Behalf Of Harry Delano
Sent: March 12, 2013 3:22 PM
To: Edith Adera
Cc: KICTAnet ICT Policy Discussions
Subject: [kictanet] Our Response to Systematic ICT Systems Failure at IEBC
Aye..!
Could someone please aver what the furor was all about on this list when
systems failed at IEBC last week. I thought it was so that
we could address systemic issues in that part of the election process..?
Please someone correct me, but I seem to be settling on
this conclusion that we collectively only raise hue and cry when the
system(s) are perceived to be working against “us”, or not in
“our” interests – whichever side of divide each one of us sits. Once they
serve ‘our’ interests, we quickly move on.. So where is
posterity in all this..? A pattern emerges where well calculated
intellectual arguments everywhere nowadays, that thinly veil and
mask the real motives in us. We completely bury our heads in the ground and
deny that we have deeply rooted issues that stem
from tribe, class etc and as a result, we are caught up in this vicious
cycle that we cannot seem to free ourselves from and which
clouds our entire vision as a nation. Who will free us, if we do not take
initiative ourselves..? How and when will we as a nation
confront this ‘monster’ head on, by first of all acknowledging it exists.
Then moving to deal with it. Can this list be at the forefront
of it..?
If so, let’s start now..
Harry
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at
https://lists.kictanet.or.ke/mailman/options/kictanet/gichuru%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and
regulation. The network aims to act as a catalyst for reform in the ICT
sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors
online that you follow in real life: respect people's times and bandwidth,
share knowledge, don't flame or abuse or personalize, respect privacy, do
not spam, do not market your wares or qualifications.
--
Warm Regards,
------------------------
Sam Gichuru
twitter: | @samgichuru<http://twitter.com/samgichuru>
Blog: | www.samgichuru.com<http://www.samgichuru.com/>
Facebook: | Sam.g<http://sam.g/>ichuru<http://www.facebook.com/sam.gichuru>
Skype: Sam.gichuru
Cellphone: | +254-722-730565
Co-founder/ Director /Nailab Incubation
Location: | Nairobi
Website: | www.nailab.co.ke<http://www.nailab.co.ke/>
twitter: | @thenailab
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at
https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and
regulation. The network aims to act as a catalyst for reform in the ICT
sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors
online that you follow in real life: respect people's times and bandwidth,
share knowledge, don't flame or abuse or personalize, respect privacy, do
not spam, do not market your wares or qualifications.
****
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at
https://lists.kictanet.or.ke/mailman/options/kictanet/blongwe%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and
regulation. The network aims to act as a catalyst for reform in the ICT
sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors
online that you follow in real life: respect people's times and bandwidth,
share knowledge, don't flame or abuse or personalize, respect privacy, do
not spam, do not market your wares or qualifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20130313/5422c913/attachment.htm>
More information about the KICTANet
mailing list