Information security is basically a strategy for safeguarding data against both unknown and recognised threats. The goal of this study was to look at the factors that affect the security of information systems in public higher learning institutions in Tanzania. Despite various organisational efforts to establish various strategies to combat information system security vulnerabilities, such as implementing security procedures, processes, policies, and information system security organisation structures to ensure data security, information system security remains a critical issue to most Tanzania’s organisations. The main problem appears to be a lack of understanding of critical information security elements. Due to variances in ICT architecture, implementations, and usage, various firms have distinct security challenges. As a result, the study focuses on factors impacting the security of information systems at Tanzanian public higher learning institutions that provide bachelor's degrees or above, a total of 32 institutions. Hence, the sample size obtained from the population was eight institutions from both The National Council for Technical and Vocational Education and Training (NACTE) and Tanzania Commission for Universities (TCU). A descriptive research design was applied and mixed methodology was used to determine common factors that affect the security of information systems for all public higher learning institutions in Tanzania. The study found that common factors affecting the security of information systems include demographic factors, work environment, and inadequate information systems security policies. The study proposed regular awareness and training programmes for all employees; separation of information system security policy from ICT policy; proper policy formulation and formalisation procedures; as well as management and government support. In addition, all public higher learning institutions must develop a unified information system security policy framework.