Investigating The Security Policies Of Computerized Accounting Information Systems In The Banking Industry Of An Emerging Economy: The Case Of Egypt

Information has become one of the most valuable corporate assets, which should be protected with care and concern because business survival and success are heavily dependent upon the confidentiality, integrity and continued availability of critical information. The reliance on information and rapidly changing technology forces many organizations to implement comprehensive information security programs to protect their information systems. However, the success of implementing such security programs relies largely on employees’ awareness and compliance. The failure to secure information or to make it available when required to those who need it would lead to financial and non-financial losses. The objective of this paper is to explore the main characteristics of security policies of the computerised accounting information systems (CAIS) in the Egyptian Banking Industry (EBI), and to investigate the differences among bank types regarding the existence, implementation, clarity, comprehensiveness, publicity, awareness, management attitudes, and participation in designing, developing and evaluating their banks’ CAIS security policies. The research statistics revealed that the vast majority the surveyed banks has formal written, clear, comprehensive, reasonable and well-published CAIS security policies. Moreover, the majority of respondents believed that there was adequate awareness of CAIS security issues among their banks’ managers and employees and that managers had positive attitudes and paid great attention to security issues. Further, the majority of respondents also claimed that they participated in designing, developing and evaluating their banking CAIS security policies and controls