This study is based on information security management in financial institutions from the perspective of information classification and access control. As objectives, the study set out to assess information classification practices in microfinance institutions and their effect on overall information security management, and to examine access control in microfinance institutions and how it impacts information security management. The study made use of the Information Security Theory by Horne, Ahmad and Maynard, and a sequential exploratory mixed method survey research design. As data collection instruments, a questionnaire and an interview guide were used, with validity and reliability guaranteed by subject experts, ISO/IEC checklists, and Kuder Richardson formula 20 which realised a score of 0.81. Of the 30 managers and information security officers who participated in the study, a response rate of 100% was registered. To analyse data, descriptive statistics and thematic analysis were used. The findings portray loopholes in information classification and access control and thus in the information security management programme of participating institutions. Some recommendations put forth are; the need to adopt information classification schedules with distinguished levels of sensitivity, drafting of access control policies, signing of non-disclosure agreements and introduction of information security officers to ensure implementation and follow-up.
Information Security, Management, Classification and Access Control
International Journal of Trend in Scientific Research and Development - IJTSRD having
online ISSN 2456-6470. IJTSRD is a leading Open Access, Peer-Reviewed International
Journal which provides rapid publication of your research articles and aims to promote
the theory and practice along with knowledge sharing between researchers, developers,
engineers, students, and practitioners working in and around the world in many areas
like Sciences, Technology, Innovation, Engineering, Agriculture, Management and
many more and it is recommended by all Universities, review articles and short communications
in all subjects. IJTSRD running an International Journal who are proving quality
publication of peer reviewed and refereed international journals from diverse fields
that emphasizes new research, development and their applications. IJTSRD provides
an online access to exchange your research work, technical notes & surveying results
among professionals throughout the world in e-journals. IJTSRD is a fastest growing
and dynamic professional organization. The aim of this organization is to provide
access not only to world class research resources, but through its professionals
aim to bring in a significant transformation in the real of open access journals
and online publishing.