Implementation framework for information systems policy for fraud control in credit unions

Abstract

A gap exists of implementing IS policy making it difficult to achieve desired impact of securing Systems. The resultant problem is fraud which prevails in organizations even though there are documented policies. Four objectives which guided this study included: to establish the level of implementation of IS policy framework, to determine the extent of fraud occurrence on Information Systems (IS), to determine the potential fraud level exposure and to identify implementation framework for IS policy. The research adopted a descriptive survey design. The targeted population consisted 43 licensed deposit taking Credit Unions within Nairobi Metropolitan Region in Kenya (East Africa). A total of 140 questionnaires were distributed of which 125 were returned and validated. Results demonstrated that low level of implementation of policies lead to high fraud rate and higher chances of future occurrence of fraud. The enforcement level of the policies was also realized to be directly proportional to the impact level. This indicated that the documented policies within the organizations required an implementation framework. Presence of IS policies in isolation as studied was not sufficient to control fraud in organizations. This study concluded with demonstrating use of the 6x6 Zachman’s framework to implement IS policies.