Abstract

In 2013, Communication Authority of Kenya (CAK) recorded cyber-attacks amounting to Sh5.4 million loses. In April 2016, Bandari Savings and Credit Cooperative Society lost Sh5 million through fraudulent ATM withdrawals (Nation Newspapers, April 8, 2016). These examples demonstrate weaknesses that may exist from security breaches and incidents caused by people, processes, and technology. Ministry of ICT and CAK are lacking specific Information Security Models tailored towards SACCOS in Kenya. The study therefore sought to assess the current status of information security policies among SACCOS in Kenya. The study adopted descriptive research design. The unit of observation was 135 SACCOS registered with SACCO Societies Regulatory Authority (SASRA) while the unit of analysis was 270 ICT personnel working in the 135 targeted SACCOS. The study targeted the SACCOS heads of IT department. The study used Nassiuma (2000) formula to get a sample of 85 respondents. Purposive sampling was further used in selecting study participants in every SACCOS who were considered to be knowledgeable of the variables under study. The study utilized questionnaire as the survey instrument to collect both quantitative and qualitative data. The study adopted descriptive statistics. Descriptive data was presented by use of frequency tables. The study established that in all the SACCOS studied, information security policy is used. However, there are still challenges on how information security breaches and incidents can be contained based on the results of the study and therefore calls for further research in academic research. The findings of the study indicate that SACCOS were able to validate that the enhanced information security model using an integrated approach worked as planned and reported to auditors, managers and executives that incident response programs are robust and reliable. If security controls didn’t work as planned, they will need to fix them. The actions and resources needed should be included in in the report to executives in the SACCOS sector in Kenya Keywords : SACCOS, Management controls, Information Security Policies, Risk assessment DOI : 10.7176/EJBM/11-27-09 Publication date:September 30th 2019

Highlights

  • 1.1 Background SACCOS worldwide have been recognized as an important source of economic growth

  • 4.1 Response Rate A total of 85 questionnaires were distributed to Information Technology (IT) employees from 85 SACCOS that are registered with SACCO Societies Regulatory Authority (SASRA) in Kenya

  • The security technologies utilized by SACCOS according to the study findings reduced computer viruses, hacking incidents and unauthorized access to use data, thereby decreasing security incidents and breaches

Read more

Summary

Introduction

1.1 Background SACCOS worldwide have been recognized as an important source of economic growth. Many people around the world are affiliated with co-operatives as reflected by International Cooperative Alliance (ICA Annual Report, 2016). Many countries that have achieved economic development have a dynamic and vibrant SACCOS’ sector which contributes to the growth of those economies. SACCOS provide savings and credit and investment opportunities to individuals, institutions and group members. SACCOS in Kenya have started to be more competitive in their field of financial institution since they contribute 30% of economic growth in the country (Gathurithu, 2011). The SACCOS sector is still young in the adoption of information technology and is faced with myriad problems in addressing information security threats

Objectives
Methods
Results
Conclusion
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Identifying gaps in IT retail Information Security policy implementation processes
Ileen E Van Vuuren ... Conrad Mueller
-
Ileen E Van Vuuren, et. al.Ileen E Van Vuuren ... Conrad Mueller
01 Nov 2015
Enhancing Information Security Process in Organisations in Qatar
Aisha Khalid Al-Hamar
-
Aisha Khalid Al-HamarAisha Khalid Al-Hamar
01 Jan 2015
An impact of information security investment on information security incidents
Hansol Lee ... Kyeongwon Yoo
-
Hansol Lee, et. al.Hansol Lee ... Kyeongwon Yoo
01 Jan 2015
Technical opinionAre employees putting your company at risk by not following information security policies?
Mikko Siponen ... M Adam Mahmood
Communications of the ACM | VOL. 52
Mikko Siponen, et. al.Mikko Siponen ... M Adam Mahmood
01 Dec 2009
View more papers

More From: European Journal of Business and Management

Paper Title
Journal
Date
Author
Work-family Conflict and Spiritual Wellbeing of Professional Married Women in Port-Harcourt
-
European Journal of Business and Management | VOL. -
--
01 Sep 2024
Antecedents and behavioral outcomes of tourism destination image: The moderating role of travel motivation and tourist’s region
-
European Journal of Business and Management | VOL. -
--
01 Sep 2024
Moderating Effect of Government Policy on the Relationship between Training Practices and Performance of Bachelor of Business Courses Graduates from TVETA Accredited Universities in Kenya
-
European Journal of Business and Management | VOL. -
--
01 Sep 2024
The Influence of Managerial Skills on Implementation of Strategic Plans at NHIF, Kenya
-
European Journal of Business and Management | VOL. -
--
01 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.