Enhancing the validity of the SAPS gold fingerprinting database through improved sample-collection techniques

Crundwell, Gordon Rhodes

30 April 2008

This study's main focus was to analyse the methodology used by gold mines when obtaining reference samples required for gold fingerprinting analysis. Such methodology is also regulated by legislation in that in terms of the Precious Metals Act 37 of 2005 sect 22(1), "Any producer or any person who imports precious metals must submit to the Forensic Science Laboratory (FSL) of the South African Police Service (SAPS) such specimens of any precious metals produced or imported by him or her as may be prescribed". The gold mines are producers of precious metals, specifically gold, and they are therefore required to submit reference samples, which are then used by the SAPS FSL to maintain a database of gold samples. This database can then be used for comparison purposes during the forensic science of gold fingerprinting. The supporting regulations of the Precious Metals Act, Section 19 stipulate seven requirements for the submission of reference samples and this study intends to give guidelines to security officials employed on the gold mines of South Africa to ensure that these requirements are met and that the validity of the SAPS gold fingerprint database is enhanced through improved sample-collection techniques. The use of gold fingerprinting is part of the forensic investigation process used when trying to establish the origin of gold confiscated as an exhibit during police and mining security crime operations and recoveries, and this allows for victim identification in the resultant criminal trial and proper disposal of recovered gold-bearing materials that are recovered. It is important for the mine security official responsible for reference sample collection to keep in mind that the methodology used when obtaining these samples could be challenged in court and that, therefore, definitive guidelines should be followed to ensure that the most representative samples are collected and that the collection and handing over of samples meet chain of evidence requirements. / Criminology / M.Tech (Forensic Investigation)

363.240968

Fingerprints -- Identification

Fingerprints

Fingerprints -- Data processing

Identification -- South Africa

Forensic sciences -- South Africa

Criminal investigation -- South Africa

Evidence, Criminal -- South Africa

Information security risk management in small-scale organisations: a case study of secondary schools’ computerised information systems

Moyo, Moses

11 December 2014

Threats to computerised information systems are always on the rise and compel organisations to invest a lot of money and time amongst other technical controls in an attempt to protect their critical information from inherent security risks. The computerisation of information systems in secondary schools has effectively exposed these organisations to a host of complex information security challenges that they have to deal with in addition to their core business of teaching and learning. Secondary schools handle large volumes of sensitive information pertaining to educators, learners, creditors and financial records that they are obliged to secure. Computerised information systems are vulnerable to both internal and external threats but ease of access sometimes manifest in security breaches, thereby undermining information security. Unfortunately, school managers and users of computerised information systems are ignorant of the risks to their information systems assets and the consequences of the compromises that might occur thereof. One way of educating school managers and users about the risks to their computerised information systems is through a risk management programme in which they actively participate. However, secondary schools do not have the full capacity to perform information security risk management exercises due to the unavailability of risk management experts and scarce financial resources to fund such programmes. This qualitative case study was conducted in two secondary schools that use computerised information systems to support everyday administrative operations. The main objective of this research study was to assist secondary schools that used computerised information systems to develop a set of guidelines they would use to effectively manage information security risks in their computerised information systems. This study educated school managers and computerised information systems users on how to conduct simple risk management exercises. The Operationally Critical Threats, Assets and Vulnerability Evaluation for small-scale organisations risk management method was used to evaluate the computerised information systems in the two schools and attain the goals of the research study. Data for this study were generated through participatory observation, physical inspections and interview techniques. Data were presented, analysed and interpreted qualitatively. This study found that learners‟ continuous assessment marks, financial information, educators‟ personal information, custom application software, server-computers and telecommunication equipment used for networking were the critical assets. The main threats to these critical assets were authorised and unauthorised systems users, malware, system crashes, access paths and incompatibilities in software. The risks posed by these threats were normally led to the unavailability of critical information systems assets, compromise of data integrity and confidentiality. This also led to the loss of productivity and finance, and damage to school reputation. The only form of protection mechanism enforced by secondary schools was physical security. To mitigate the pending risks, the study educated school managers and users in selecting, devising and implementing simple protection and mitigation strategies commensurate with their information systems, financial capabilities and their level of skills. This study also recommended that secondary schools remove all critical computers from open-flow school networks, encrypt all critical information, password-protect all computers holding critical information and train all users of information systems of personal security. The study will be instrumental in educating school managers and computerised information systems users in information security awareness and risk management in general. / Science Engineering and Technology / M.Sc. (Information Systems)

005.80968

Computer security -- South Africa

Risk management -- South Africa

Information security risk management in small-scale organisations : a case study of secondary schools’ computerised information systems

Moyo, Moses

11 December 2014

Threats to computerised information systems are always on the rise and compel organisations to invest a lot of money and time amongst other technical controls in an attempt to protect their critical information from inherent security risks. The computerisation of information systems in secondary schools has effectively exposed these organisations to a host of complex information security challenges that they have to deal with in addition to their core business of teaching and learning. Secondary schools handle large volumes of sensitive information pertaining to educators, learners, creditors and financial records that they are obliged to secure. Computerised information systems are vulnerable to both internal and external threats but ease of access sometimes manifest in security breaches, thereby undermining information security. Unfortunately, school managers and users of computerised information systems are ignorant of the risks to their information systems assets and the consequences of the compromises that might occur thereof. One way of educating school managers and users about the risks to their computerised information systems is through a risk management programme in which they actively participate. However, secondary schools do not have the full capacity to perform information security risk management exercises due to the unavailability of risk management experts and scarce financial resources to fund such programmes. This qualitative case study was conducted in two secondary schools that use computerised information systems to support everyday administrative operations. The main objective of this research study was to assist secondary schools that used computerised information systems to develop a set of guidelines they would use to effectively manage information security risks in their computerised information systems. This study educated school managers and computerised information systems users on how to conduct simple risk management exercises. The Operationally Critical Threats, Assets and Vulnerability Evaluation for small-scale organisations risk management method was used to evaluate the computerised information systems in the two schools and attain the goals of the research study. Data for this study were generated through participatory observation, physical inspections and interview techniques. Data were presented, analysed and interpreted qualitatively. This study found that learners‟ continuous assessment marks, financial information, educators‟ personal information, custom application software, server-computers and telecommunication equipment used for networking were the critical assets. The main threats to these critical assets were authorised and unauthorised systems users, malware, system crashes, access paths and incompatibilities in software. The risks posed by these threats were normally led to the unavailability of critical information systems assets, compromise of data integrity and confidentiality. This also led to the loss of productivity and finance, and damage to school reputation. The only form of protection mechanism enforced by secondary schools was physical security. To mitigate the pending risks, the study educated school managers and users in selecting, devising and implementing simple protection and mitigation strategies commensurate with their information systems, financial capabilities and their level of skills. This study also recommended that secondary schools remove all critical computers from open-flow school networks, encrypt all critical information, password-protect all computers holding critical information and train all users of information systems of personal security. The study will be instrumental in educating school managers and computerised information systems users in information security awareness and risk management in general. / Science Engineering and Technology / M. Sc. (Information Systems)

005.80968

Computer security -- South Africa

Risk management -- South Africa

Enhancing the validity of the SAPS gold fingerprinting database through improved sample-collection techniques

Crundwell, Gordon Rhodes

30 April 2008

This study's main focus was to analyse the methodology used by gold mines when obtaining reference samples required for gold fingerprinting analysis. Such methodology is also regulated by legislation in that in terms of the Precious Metals Act 37 of 2005 sect 22(1), "Any producer or any person who imports precious metals must submit to the Forensic Science Laboratory (FSL) of the South African Police Service (SAPS) such specimens of any precious metals produced or imported by him or her as may be prescribed". The gold mines are producers of precious metals, specifically gold, and they are therefore required to submit reference samples, which are then used by the SAPS FSL to maintain a database of gold samples. This database can then be used for comparison purposes during the forensic science of gold fingerprinting. The supporting regulations of the Precious Metals Act, Section 19 stipulate seven requirements for the submission of reference samples and this study intends to give guidelines to security officials employed on the gold mines of South Africa to ensure that these requirements are met and that the validity of the SAPS gold fingerprint database is enhanced through improved sample-collection techniques. The use of gold fingerprinting is part of the forensic investigation process used when trying to establish the origin of gold confiscated as an exhibit during police and mining security crime operations and recoveries, and this allows for victim identification in the resultant criminal trial and proper disposal of recovered gold-bearing materials that are recovered. It is important for the mine security official responsible for reference sample collection to keep in mind that the methodology used when obtaining these samples could be challenged in court and that, therefore, definitive guidelines should be followed to ensure that the most representative samples are collected and that the collection and handing over of samples meet chain of evidence requirements. / Criminology and Security Science / M.Tech (Forensic Investigation)

363.240968

Fingerprints -- Identification

Fingerprints

Fingerprints -- Data processing

Identification -- South Africa

Forensic sciences -- South Africa

Criminal investigation -- South Africa

Evidence, Criminal -- South Africa

Digital doorways and the analysis of software application usage in ‘unassisted learning’ environments in impoverished South African communities

Gush, Kim Lawrence

03 1900

The Digital Doorway (DD) project provides computing infrastructure in impoverished communities in South Africa. DD terminals offer opportunities for unassisted- and peerassisted learning of basic computer skills, and varying computing activities ranging from entertainment, to independent research. This study addresses software application usage, and how it relates to user demographics (age and gender) and location, in order to better understand both the user base, and the nature and extent of DD interactions. A mixed-methods approach is employed, involving log-files, interviews, questionnaires, and naturalistic observation; to build up a holistic picture of application usage and user behaviour at selected sites. Important issues with respect to ICT for Education and Development in the DD context, are addressed. Analysis of the data indicates notable trends, and relationships between age, gender, location, and application usage. User behaviour and environmental effects on usage are discussed, and recommendations provided for future DDs and similar initiatives. / Computing / M. Tech. (Information Technology)

Computer literacy

Community informatics

Design-based research

Digital divide

Digital Doorway

ICT in education

ICT for development

Mixed-methods research

Technologically disadvantaged

Unassisted learning

004.071068

Digital Doorway (Project)

Digital divide -- South Africa

Computer networks -- South Africa

Developing a strategic management framework for information technology migration to free open source software in the South African public sector

Ngeleza, Bangani Eric

07 June 2012

The Government of South Africa adopted a policy on Free Open Source Software (FOSS) in 2003. This policy requires all government entities to migrate their IT to open source. This adoption of the FOSS policy is based on evidence of potential FOSS contributions to economic development generally, and directly support South African economic development priorities. In spite of the adoption of this policy, rates of adoption of FOSS in the SA government are low. This is partly because there is a lack of documentation of successful cases of migration. In addition, there is no strategic management framework that managers can use as a guide for migration. This lack of documentation may result in managers in government finding it difficult to know how best to go about migrating to FOSS. A failure to address this problem will delay the take-up of FOSS, in spite of all its stated benefits. Evidence so far within the government of South Africa is that the adoption of FOSS is progressing rather slowly. Making use of a qualitative research method that combines grounded theory with a case study method in four South African Government organisations, this study develops a strategic management framework for IT migration to FOSS in the South African public service. The four organisations that were part of this study were: the National Library of South Africa; the Presidential National Commission on Information Society and Development; the Electronic National Traffic Information System and the State Information Technology Agency. Data was collected using an open-ended interview guide. A strategic management framework for Information Technology migration to FOSS will assist the Government of South Africa with the better implementation of its FOSS policy. The framework will provide guidance to public sector managers regarding how the process of migrating can best be managed. Content analysis is used to derive the framework that shows that IT migration to FOSS in the public sector of South Africa follows a strategic management process. This process goes through the phases of strategic planning, operational planning, implementation and monitoring and evaluation. The framework is developed using eclectic explanations of strategic management, including mechanistic and organic perspectives. Correspondence analysis is used to corroborate and validate the framework. The framework is accompanied by a set of management guidelines that managers in the public sector can use in migrating their organisations' IT to FOSS. / School for Business Leadership / (D.B.L. (Strategic Management))

Strategic management frameworks

Emergent theory

Technology innovation

Free open source software

Strategic management

Technology migration

Open content

Change management

Strategy effectiveness

352.340968

Strategic planning -- South Africa

Open source software -- South Africa

Free computer software -- South Africa

A spatial decision support system for groundwater abstraction impact assessment and licensing

Basson, F. C. (Frederick Christoffel)

January 2005

Thesis (MSc)--Stellenbosch University, 2005. / ENGLISH ABSTRACT: Water resources in South Africa are limited and groundwater plays an important role in supporting basic human needs, sustaining ecosystems and enabling industrial and agricultural development. Sound management practices are necessary to ensure sustainable development of water resources. All groundwater usage must be licensed in compliance with the National Water Act of 1998. A Spatial Decision Support System (SDSS) can be used to assist in the groundwater usage licensing process of the Department of Water Affairs and Forestry (DWAF). The main aim of this study was to develop a SDSS, named Groundwater Abstraction & Licence Evaluation Tool (GALET), that could assist in the process of allocating water use licences and determining the local impact of abstraction, based on existing theory and data. The development was done within ArcView 3.2 using the scripting language Avenue. The Sandveld, an arid stretch of land along the west coast of South Africa that is heavily impacted by groundwater abstraction, was the chosen study area. The data collected for this study included existing borehole, recharge, rainfall and geological information. GALET proved to be capable of calculating essential information needed to evaluate groundwater abstraction, which included drawdown in the water table, zone of influence and the possible effects on features such as rivers and wetlands. Targeted potential users regarded GALET as a useful tool in the process of licensing and groundwater abstraction impact assessment and plans are under way to implement GALET or a derivative thereof at the DWAF regional offices. / AFRIKAANSE OPSOMMING: Waterhulpbronne in Suid-Afrika is beperk en grondwater speel 'n belangrike rol in die ondersteuning van basiese menslike behoeftes, volhouding van ekosisteme asook industriële en landbou-ontwikkeling. Betroubare bestuurspraktyke is noodsaaklik om die volhoubare ontwikkeling van waterhulpbronne te verseker. Alle grondwatergebruik moet volgens die Nasionale Waterwet van 1998 gelisensieer word. 'n Ruimtelike Besluitnemings Ondersteuning Stelsel (RBOS) kan as 'n hulpmiddel gebruik word in die lisensiëringsproses van die Departement van Waterwese en Bosbou. Die hoofdoel van hierdie studie was om 'n RBOS, genoem Groundwater Abstraction & Licence Evaluation Tool (GALET), te ontwikkel wat as hulpmiddel gebruik kan word in die allokeringsproses van watergebruiklisensies en die bepaling van die impak van grondwateronttrekking op die omgewing, gebaseer op bestaande teorie en data. Die ontwikkeling is in ArcView 3.2 met die programmeringstaal Avenue gedoen. Die Sandveld, 'n ariede streek aan die weskus van Suid-Afrika wat onderhewig is aan grootskaalse grondwateronttrekking, is gekies as die studie area. Die data wat vir hierdie studie ingesamel is sluit bestaande boorgat, grondwateraanvulling, reënval en geologiese inligting in. GALET was in staat om belangrike inligting aangaande die evaluering van grondwateronttrekking te bereken, o.a. die daling van die grondwatervlak, die impaksone en die moontlike effekte op landvorms soos riviere en vleilande. Die teikengroep potensiële gebruikers het GALET as 'n nuttige hulpmiddel in die proses van lisensiëring en grondwateronttrekking impakbepaling beskou en planne is onderweg om dit of 'n aangepaste program by die streekskantore van die Departement van Waterwese en Bosbou te implementeer.

Water use -- Licenses -- South Africa

Groundwater -- South Africa -- Sandveld

Decision support systems

Integration of information management systems to enhance business intelligence at the Department of Transport in South Africa

Chauke, Tshepo

02 1900

Public sector decision makers are confronted by pressures to make faster and better decisions as a result of the competitive environment they operate in. However, there is a trend in the public sector, including the Department of Transport (DoT) in South Africa, to invest in management information systems (MIS) that are highly fragmented and not aiding effective and timely decision-making. As a result, the country witnessed several service delivery protests since 2008 which also affected the public transport sector, such as the widespread burning of Metrorail trains several times by angry commuters. In most instances, poor service delivery emanates from the fact that public servants do not have information at their fingertips to make decisions. This quantitative study utilised Control Objectives for Information and Related Technologies 5 (COBIT 5) as a theoretical framework to investigate the integration of MIS at the DoT with a view to enhancing business intelligence for effective decision-making. Data were collected through a questionnaire directed at middle managers and senior managers that were selected through stratification of business units at the DoT, as well as analysis of documents such as system specifications and strategic plans. The study established that the DoT has several systems such as Alfresco, BAS, GIS, Logis and Persal to name a few, which serve different purposes. However, in most instances, the systems are not integrated as the current infrastructure did not support integration needs and plans to accommodate changing requirements. This is compounded by the system policy implementation constraints, as well as ageing legacy systems that are obsolete. The only component where MIS was found to be integrated, was in the financial business units (Supply Chain Management, Finance and Budgeting). Core business units use off-the-shelf systems and, in some cases, custom-made applications that do not integrate with any other system and thus hinder decision-making. In conclusion, decisions are made based on thumb-sucking, as management does not have access to comprehensive information that is stored in fragmented unintegrated systems. The study recommends that governance structures should be set up to deal with a more holistic business, information and technology architecture for the DoT that enable integration of various systems for effective decision-making. Failure to transform this pattern would lead to service delivery protests persisting. A further study on a framework to integrate MIS in the public sector is recommended. / Information Science / M. Inf.

Business intelligence

Management information systems

Information management

Systems integration

Service delivery

COBIT 5

658.403868

Business intelligence -- South Africa

Decision support systems -- South Africa

Digital doorways and the analysis of software application usage in ‘unassisted learning’ environments in impoverished South African communities

Gush, Kim Lawrence

03 1900

The Digital Doorway (DD) project provides computing infrastructure in impoverished communities in South Africa. DD terminals offer opportunities for unassisted- and peerassisted learning of basic computer skills, and varying computing activities ranging from entertainment, to independent research. This study addresses software application usage, and how it relates to user demographics (age and gender) and location, in order to better understand both the user base, and the nature and extent of DD interactions. A mixed-methods approach is employed, involving log-files, interviews, questionnaires, and naturalistic observation; to build up a holistic picture of application usage and user behaviour at selected sites. Important issues with respect to ICT for Education and Development in the DD context, are addressed. Analysis of the data indicates notable trends, and relationships between age, gender, location, and application usage. User behaviour and environmental effects on usage are discussed, and recommendations provided for future DDs and similar initiatives. / Computing / M. Tech. (Information Technology)

Computer literacy

Community informatics

Design-based research

Digital divide

Digital Doorway

ICT in education

ICT for development

Mixed-methods research

Technologically disadvantaged

Unassisted learning

004.071068

Digital Doorway (Project)

Digital divide -- South Africa

Computer networks -- South Africa

Developing a strategic management framework for information technology migration to free open source software in the South African public sector

Ngeleza, Bangani Eric

07 June 2012

The Government of South Africa adopted a policy on Free Open Source Software (FOSS) in 2003. This policy requires all government entities to migrate their IT to open source. This adoption of the FOSS policy is based on evidence of potential FOSS contributions to economic development generally, and directly support South African economic development priorities. In spite of the adoption of this policy, rates of adoption of FOSS in the SA government are low. This is partly because there is a lack of documentation of successful cases of migration. In addition, there is no strategic management framework that managers can use as a guide for migration. This lack of documentation may result in managers in government finding it difficult to know how best to go about migrating to FOSS. A failure to address this problem will delay the take-up of FOSS, in spite of all its stated benefits. Evidence so far within the government of South Africa is that the adoption of FOSS is progressing rather slowly. Making use of a qualitative research method that combines grounded theory with a case study method in four South African Government organisations, this study develops a strategic management framework for IT migration to FOSS in the South African public service. The four organisations that were part of this study were: the National Library of South Africa; the Presidential National Commission on Information Society and Development; the Electronic National Traffic Information System and the State Information Technology Agency. Data was collected using an open-ended interview guide. A strategic management framework for Information Technology migration to FOSS will assist the Government of South Africa with the better implementation of its FOSS policy. The framework will provide guidance to public sector managers regarding how the process of migrating can best be managed. Content analysis is used to derive the framework that shows that IT migration to FOSS in the public sector of South Africa follows a strategic management process. This process goes through the phases of strategic planning, operational planning, implementation and monitoring and evaluation. The framework is developed using eclectic explanations of strategic management, including mechanistic and organic perspectives. Correspondence analysis is used to corroborate and validate the framework. The framework is accompanied by a set of management guidelines that managers in the public sector can use in migrating their organisations' IT to FOSS. / School for Business Leadership / (D.B.L. (Strategic Management))

Strategic management frameworks

Emergent theory

Technology innovation

Free open source software

Strategic management

Technology migration

Open content

Change management

Strategy effectiveness

352.340968

Strategic planning -- South Africa

Open source software -- South Africa

Free computer software -- South Africa