Information security in financial organizations - the issues.case study - credit card business in Kenya
Ongori, W M
MetadataShow full item record
This study addresses the pertinent issues of security within an Information System as regards the control mechanism in relation to physical control, logical control and administrative control. Solution to the study is aimed at determining the level of knowledge in relation to computer security issues, existing policy and procedures in the use of computers and recommendation or advice on the same. The study considers computer security at a center of a leading financial institution in the country in terms of risk, threat, vulnerability and misuse keeping the three virtues of confidentiality, availability and integrity in mind. These issues are defined in terms of accessibility, data security, and intrusion through the network. The study has relied largely on data collected through field survey, observation instruments and perusal of materials available e.g. Intemal EDP auditors reports. The sampling frame in this survey is the staff at the center including vendors and the type of transactions available while the data elements are the computer department staff as well as other system users - marketing, credit accounts departments. The security problems at the center can be attributed to lack of computer policy by the IT management, lack of up to date physical security, lack of proper guidelines in password use, increased vulnerability to virus infection and lack of proper training on computer security. This study recommends that a computer security policy as well as computer security training be put in place for not only the center but alsd.the entire financial institution.