Investigating information systems security for banks in Kenya
Banks in Kenya have been automating their process to enhance services delivery to customers and reduce on the frauds that are occasioned by manual processes. The rate of consuming Information technologies by banks is unprecedented in Kenya. Automation of services by banks comes with different ways of exposure to the frauds and they have caused the banks to incur financial losses and have their corporate image dented due to deploying information systems without implementing appropriate information systems security frameworks. The purpose of the study was to establish the challenges that banks in Kenya encounter in adopting and implementing information systems security frameworks. Also the study aimed to develop an appropriate information systems security framework and assess the compliance levels for banks in accordance to the developed framework. The methodology of the study involved analyzing the existing information systems security frameworks, a study into the banks security requirements and design of an information systems security framework suitable for banks. The methods used in the field survey were questionnaire and document review. The main finding in the study was that majority of banks have not adopted any appropriate information systems security framework for their security and the main reason was due to lack of knowledge on the benefits of having a framework and lack of IT and banks management support. The Key contributions of the study was the development of the appropriate information systems security framework for the banks in Kenya, identification of challenges that banks face in adopting and implementing information systems security frameworks, provision of solutions to identified challenges and information showing state of information systems security for banks in Kenya.