Information Security Management Practices and Organizational Goals: a Study of Microfinanace Organizations in Nairobi
Abstract
The aim of this paper was to study information security management practices and
organizational goals in Microfinance organizations in Nairobi. This study looked at
whether information security management practices had any relationship or impact on
organizational goals. Further, the study sought to identify the various types of
information security management frameworks that the organizations had adopted. The
specific objectives of the study included establishing types of information security
management practices undertaken, extent of awareness of information security
management practices by the stakeholders, and how information security management
practices are aligned with organizational goals. A census of the population was
undertaken of the sixteen microfinance institutions in Nairobi. This was followed by a
descriptive analysis of the data collected. The study concluded that most microfinance
organizations had adopted information security management frameworks in the simplest
form this being ISO. Therefore it was difficult to critically establish the relationship
between information security management practices and organizational goals.
Publisher
University of Nairobi