American Journal of Computing Research Repository
ISSN (Print): 2377-4606 ISSN (Online): 2377-4266 Website: http://www.sciepub.com/journal/ajcrr Editor-in-chief: Vishwa Nath Maurya
Open Access
Journal Browser
Go
American Journal of Computing Research Repository. 2015, 3(2), 18-27
DOI: 10.12691/ajcrr-3-2-2
Open AccessArticle

Implementation Framework for Information Systems Policy for Fraud Control in Credit Unions

Samuel Lubanga Oronje1, and Christopher A. Moturi1

1School of Computing and Informatics, University of Nairobi, Nairobi, Kenya

Pub. Date: January 14, 2016

Cite this paper:
Samuel Lubanga Oronje and Christopher A. Moturi. Implementation Framework for Information Systems Policy for Fraud Control in Credit Unions. American Journal of Computing Research Repository. 2015; 3(2):18-27. doi: 10.12691/ajcrr-3-2-2

Abstract

A gap exists in implementing information systems (IS) policy making it difficult to achieve desired impact of securing systems. The resultant problem is fraud which prevails in organizations even though there are documented policies. Four objectives which guided this study included: to establish the level of implementation of IS policy framework, to determine the extent of fraud occurrence on IS, to determine the potential fraud level exposure, and to identify implementation framework for IS policy. The research adopted a descriptive survey design. The targeted population consisted 43 licensed deposit taking Credit Unions within Nairobi Metropolitan Region in Kenya. A total of 140 questionnaires were distributed out of which 125 were returned and validated. Results demonstrated that low level of implementation of policies leads to high fraud rate and higher chances of future occurrence of fraud. The enforcement level of the policies was realized to be directly proportional to the impact level. This indicated that the documented policies within the organizations required an implementation framework. Presence of IS policies in isolation as studied was not sufficient to control fraud in organizations. This study concluded with demonstrating use of the 6x6 Zachman’s framework to implement IS policies.

Keywords:
information systems policy implementation information systems policy framework savings and credit co-operative societies credit unions

Creative CommonsThis work is licensed under a Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

Figures

Figure of 8

References:

[1]  Askarov, A. and Chong, S., “Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies,” Proceedings of the 25th IEEE Computer Security Foundations Symposium (CSF), 308-322, June 2012.
 
[2]  SASRA, “SACCO Supervision Annual Report 2012, (Deposit Taking SACCOs),” SACCO Societies Regulatory Authority (SASRA), 2012.
 
[3]  Morgan, J. P., “Association for Financial Professionals,” AFP Payments Fraud and Control Survey Report of Survey results, 2014. [Online]. Available: http://www.regions.com/virtualdocuments/2014_AFP_Payments_Fraud_Survey.pdf. [Accessed: 15th November 2015].
 
[4]  Waema T, M. and Ndung’u N, M., “Evidence for ICT Policy Action Policy,” Understanding what is happening in ICT in Kenya, Policy Paper 9, 2012. [Online]. Available: http://www.researchictafrica.net/publications/Evidence_for_ICT_Policy_Action/Policy_Paper_9_-_Understanding_what_is_happening_in_ICT_in_Kenya.pdf. [Accessed: 15th November 2015].
 
[5]  World Council of Credit Unions, 2014. [Online]. Available: http://www.woccu.org/. [Accessed: 19th November 2015].
 
[6]  SASRA, “SACCO Supervision Annual Report 2013, (Deposit Taking SACCOs),” SACCO Societies Regulatory Authority (SASRA), 2013.
 
[7]  Kenya Economic Report, “Creating an Enabling Environment for Stimulating Investment for Competitive and Sustainable Counties,” Kenya Institute for Public Policy Research and Analysis, (KIPPRA), 2013.
 
[8]  Radwan, A. and Aarabi, M., “Study of Implementing Zachman Framework for Modeling Information Systems for Manufacturing Enterprises Aggregate Planning,” Proceedings of the 2011 International Conference on Industrial Engineering and Operations, Kuala Lumpur, Malaysia, 22-24, January 2011.
 
[9]  Zhang, S., and Le, F. H., “An Examination of the Practicability of COBIT Framework and the Proposal of a COBIT-BSC Model,” Journal of Economics, Business and Management, 1(4). 391-395.
 
[10]  The Open Group [Online]. Available: http://www.opengroup.org/standardsprocess/Standards_Process-Overview.pdf. [Accessed: 21st November, 2015.
 
[11]  ISO, International Standard (ISO/IEC27002), “Information technology - Security techniques - Code of practice for information security controls,” Switzerland, 2013.
 
[12]  Cameron, B. H., and Mcmillan, E., “Analyzing the Current Trends in Enterprise Architecture Frameworks,” Journal of Enterprise Architecture, 60-71 February 2013. [Online] Available: http://ea.ist.psu.edu/documents/journal_feb2013_cameron_2.pdf [Accessed: 22nd November, 2015].
 
[13]  Brooks, P., “Metrics for Service Management,” Designing for ITIL, Van Haren, Zalbommel, 2012.
 
[14]  Wanyama F.O., “Surviving Liberalization,” The Co-operative Movement in Kenya, International Labour Organization, Coop Africa Working Paper No.10, 2009. [Online] Available: http://ilo.org/public/english/employment/ent/coop/africa/download/wp10_survivingliberazation.pdf [Accessed: 22nd November 2015].
 
[15]  Lin, C., Song, F. M. and Sun, Z., “The Financial Implications of Corporate Fraud,” 2011. [Online] Available: http://www.fin.ntu.edu.tw/~conference/conference2012/proceedings/files/A193_Financial%20implications% 20of%20fraud_Nov_01.pdf [Accessed: 22nd November 2015].
 
[16]  Warfield, B., “Employee Fraud in Australian Credit Unions, 2013. [Online] Available: http://www.warfield.com.au/Warfield%20Fraud%20Report%202013_HQ.pdf [Accessed: 22nd November 2015].
 
[17]  Morgan, J. P., “Association for Financial Professionals,” AFP Payments Fraud and Control Survey Report of Survey Results, 2013. [Online]. Available: http://www.larutech.com/jan2014/2013_AFP_Payments_Fraud_Survey.pdf. [Accessed: 22nd November 2015].
 
[18]  Munkner, H-H., “Worldwide regulation of co-operative societies – an Overview,” European Research Institute on Cooperative and Social Enterprises Working Paper, 53 (3). 2013. [Online] Available: http://euricse.eu/sites/euricse.eu/ files/db_uploads/documents/1371044429_n2351.pdf [Accessed: 27th November 2014].
 
[19]  Polikandrioti, M., Goudevenos, I., Michalis, L., Nikolaou, V., Dilanas, C., Olympios, C., Votteas, V., and Elisaf, M., “Validation and reliability analysis of the questionnaire: Needs of hospitalized patients with coronary artery disease,” Health Science Journal, 5 (2). 137-148. 2011.
 
[20]  United States. National Institute of Standards and Technology. “Trend Micro Products (Deep Security and Secure Cloud),” 2012 [Online] Available: http://www.trendmicro.com/cloud-content/us/pdfs/business /oth_fisma-nist-solution-profile.pdf. [Accessed: 27th November 2014].
 
[21]  Witherell, P., Rachuri, S., Narayanan, A., Lee, J.H., FACTS: A Framework for Analysis, Comparison, and Testing of Standards. U.S. Department of Commerce: National Institute of Standards and Technology, 2013 [Online] Available: http://nvlpubs. nist.gov/nistpubs/ir/2013/NIST.IR.7935.pdf [Accessed: 26th November 2015].