Assessing the employees awareness and usage of information security policy in federal inland revenue service, Nigeria

Information security has become an integral part of today’s organizational operations prompting researchers to focus on how to ensure effective information security management in any organization. Federal Inland Revenue Service of Nigeria is concerned with how to protect and manage their information resources in order to improve the confidentiality, integrity and availability of its information assets.Recent studies indicates that this can be achieved through effective implementation of information security policy. The purpose of the study is to find out the precise nature of the existing information security policy, and to assess the level of IT staffs awareness and usage of the policy within the Federal Inland Revenue service of Nigeria. Data were obtained through comprehensive literature review and the use of questionnaire survey method distributed to the IT staffs of FIRS. In this study, data collected was focused on the level of management support of the use of the policy, IT staff understanding and acceptance of the policy use, Awareness and training given to the concern staff, Policy monitoring in terms of use and implementation, enforcement strategies employed, review and update of the policy implementation in FIRS respectively. Results indicates that the IT staffs are aware of the existence and usage of the information security policy to the success of the organization. Additionally, it was concluded that lack of adequate management support has affected the use of the policy. Adopting a comprehensive approach to policy implementations will ensure a better information security management and operational performance in FIRS. Finally, this study recommends that the management support in terms of staff training and awareness programs, continuous monitoring, enforcement and periodic review of the policy should be made to ensure the effectiveness of the organization information security policy