A Framework for Human Factors Influence on Information Systems Security at Commercial Banks in Ethiopia
No Thumbnail Available
Date
2020-06-06
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
The importance of protecting information in banks and mitigating security breach is becoming
more important than ever. Human factors represent essential issue in information systems
security in organizations, since human factors determine the behavior of employees toward
information systems security. This thesis researched information systems security
countermeasures that are used to reduce internal threat and how employees perceive them and
create a human factors model to address human factor gaps in information systems security in
commercial banks in Ethiopia. A case study research design was used, since case study research
design helps to understand a situation in great depth. Purposive sampling was used by this thesis,
since it is recommended for qualitative case researches. The samples were selected based on
eligibility criteria that the respondents should have experience and expertise in information
systems security and the banking activities. The sample consists of information systems security
manager, branch manager, information systems auditor, audit division manager, information
systems support officer and front users. For this research both structured and unstructured
interviews were used. For data analysis thematic analysis and pattern matching techniques were
used. The findings were used to create comprehensive model which can assist in information
systems security to secure information. The study investigated the impact of employees behaviour
with regard to information systems security. The findings prove that users engaged into risky
actions that could make the bank system subject to attack. Employees’ behaviour has been shown
in relation to technology interaction, perception and information systems security training.
Employees behaviour on human factor in information systems security can be improved by
supplying information security training. Information systems security oriented training can
address human factor problems in banks by increasing theoretical and practical knowledge of
the users. Since information systems has the human element as a fundamental component,
information systems security process should include the users.
Description
Keywords
Information Systems Security, Human Behavior, Information Policy, Organizational Culture, Training