Information security in financial organizations - the issues.case study - credit card business in Kenya
Abstract
This study addresses the pertinent issues of security within an Information System as
regards the control mechanism in relation to physical control, logical control and
administrative control. Solution to the study is aimed at determining the level of
knowledge in relation to computer security issues, existing policy and procedures in the
use of computers and recommendation or advice on the same.
The study considers computer security at a center of a leading financial institution in the
country in terms of risk, threat, vulnerability and misuse keeping the three virtues of
confidentiality, availability and integrity in mind. These issues are defined in terms of
accessibility, data security, and intrusion through the network.
The study has relied largely on data collected through field survey, observation
instruments and perusal of materials available e.g. Intemal EDP auditors reports.
The sampling frame in this survey is the staff at the center including vendors and the type
of transactions available while the data elements are the computer department staff as
well as other system users - marketing, credit accounts departments.
The security problems at the center can be attributed to lack of computer policy by the IT
management, lack of up to date physical security, lack of proper guidelines in password
use, increased vulnerability to virus infection and lack of proper training on computer
security.
This study recommends that a computer security policy as well as computer security
training be put in place for not only the center but alsd.the entire financial institution.
Citation
MSc.Publisher
school of Computing and informatics, University of Nairobi
Description
Master of Science in Information Systems