Ensuring Effective Information Security Management: Information Classification and Access Control Practices

Awiye Sharon Serkwem; Rosemary M. Shafack

Title:
Ensuring Effective Information Security Management: Information Classification and Access Control Practices

Authors:
Rosemary M. Shafack | Awiye Sharon Serkwem

Cite This Article :

Rosemary M. Shafack | Awiye Sharon Serkwem "Ensuring Effective Information Security Management: Information Classification and Access Control Practices" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1, December 2020, pp.894-901, URL: https://www.ijtsrd.com/papers/ijtsrd38122.pdf

Download

Abstract :
This study is based on information security management in financial institutions from the perspective of information classification and access control. As objectives, the study set out to assess information classification practices in microfinance institutions and their effect on overall information security management, and to examine access control in microfinance institutions and how it impacts information security management. The study made use of the Information Security Theory by Horne, Ahmad and Maynard, and a sequential exploratory mixed method survey research design. As data collection instruments, a questionnaire and an interview guide were used, with validity and reliability guaranteed by subject experts, ISO/IEC checklists, and Kuder Richardson formula 20 which realised a score of 0.81. Of the 30 managers and information security officers who participated in the study, a response rate of 100% was registered. To analyse data, descriptive statistics and thematic analysis were used. The findings portray loopholes in information classification and access control and thus in the information security management programme of participating institutions. Some recommendations put forth are; the need to adopt information classification schedules with distinguished levels of sensitivity, drafting of access control policies, signing of non-disclosure agreements and introduction of information security officers to ensure implementation and follow-up.

Keywords :
Information Security, Management, Classification and Access Control

Publication Details:

Unique Identification Number : IJTSRD38122

Published In : Volume-5 | Issue-1, December 2020

Page Number(s) : 894-901

Publisher Name : IJTSRD | www.ijtsrd.com | E-ISSN 2456-6470

Copyright © 2019 by author(s) and International Journal of Trend in Scientific Research and Development Journal. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (CC BY 4.0) (http://creativecommons.org/licenses/by/4.0)

About IJTSRD
Indexing

International Journal of Trend in Scientific Research and Development - IJTSRD having online ISSN 2456-6470. IJTSRD is a leading Open Access, Peer-Reviewed International Journal which provides rapid publication of your research articles and aims to promote the theory and practice along with knowledge sharing between researchers, developers, engineers, students, and practitioners working in and around the world in many areas like Sciences, Technology, Innovation, Engineering, Agriculture, Management and many more and it is recommended by all Universities, review articles and short communications in all subjects. IJTSRD running an International Journal who are proving quality publication of peer reviewed and refereed international journals from diverse fields that emphasizes new research, development and their applications. IJTSRD provides an online access to exchange your research work, technical notes & surveying results among professionals throughout the world in e-journals. IJTSRD is a fastest growing and dynamic professional organization. The aim of this organization is to provide access not only to world class research resources, but through its professionals aim to bring in a significant transformation in the real of open access journals and online publishing.