Users' perception of the information security policy at Universiti Teknologi Malaysia
Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to...
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2009
|
Subjects: | |
Online Access: | http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf |
_version_ | 1825909709821968384 |
---|---|
author | Sharif, Haniza |
author_facet | Sharif, Haniza |
author_sort | Sharif, Haniza |
collection | ePrints |
description | Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to gauge the level of enforcement and effectiveness of Universiti Teknologi Malaysia's (UTM) InfoSec policy from the users perspective. This study involved three phases of data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity in understanding the information technology (IT) arrangement and organizational structural practices in UTM environment. Next, an interview with an IT-expert aimed to understand the establishment of the InfoSec in UTM. Then, a survey questionnaire is distributed to post-graduate and non-IT staff of UTM, International Campus, Kuala Lumpur to gauge the level of users perception on the institution's security policy. The study had found that that nearly half of the users perceived that they are aware, understand and accept the UTMs policy, with more than half of the them agreed that the UTMs policy is effective. The study also proposed a theoretical framework model for the effectiveness of the institutions InfoSec policy. The model which consists of enforcement, users awareness, users understanding and users acceptance identified as the independent variables, whereas an effectiveness of InfoSec policy identified as dependant variable. This proposed framework model may be useful as a basis for reference not only for researchers in this field but also for practitioner in developing the InfoSec policy. |
first_indexed | 2024-03-05T18:06:13Z |
format | Thesis |
id | utm.eprints-5291 |
institution | Universiti Teknologi Malaysia - ePrints |
language | English |
last_indexed | 2024-03-05T18:06:13Z |
publishDate | 2009 |
record_format | dspace |
spelling | utm.eprints-52912018-02-28T07:56:21Z http://eprints.utm.my/5291/ Users' perception of the information security policy at Universiti Teknologi Malaysia Sharif, Haniza QA75 Electronic computers. Computer science Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to gauge the level of enforcement and effectiveness of Universiti Teknologi Malaysia's (UTM) InfoSec policy from the users perspective. This study involved three phases of data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity in understanding the information technology (IT) arrangement and organizational structural practices in UTM environment. Next, an interview with an IT-expert aimed to understand the establishment of the InfoSec in UTM. Then, a survey questionnaire is distributed to post-graduate and non-IT staff of UTM, International Campus, Kuala Lumpur to gauge the level of users perception on the institution's security policy. The study had found that that nearly half of the users perceived that they are aware, understand and accept the UTMs policy, with more than half of the them agreed that the UTMs policy is effective. The study also proposed a theoretical framework model for the effectiveness of the institutions InfoSec policy. The model which consists of enforcement, users awareness, users understanding and users acceptance identified as the independent variables, whereas an effectiveness of InfoSec policy identified as dependant variable. This proposed framework model may be useful as a basis for reference not only for researchers in this field but also for practitioner in developing the InfoSec policy. 2009-04 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf Sharif, Haniza (2009) Users' perception of the information security policy at Universiti Teknologi Malaysia. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System. |
spellingShingle | QA75 Electronic computers. Computer science Sharif, Haniza Users' perception of the information security policy at Universiti Teknologi Malaysia |
title | Users' perception of the information security policy at Universiti Teknologi Malaysia |
title_full | Users' perception of the information security policy at Universiti Teknologi Malaysia |
title_fullStr | Users' perception of the information security policy at Universiti Teknologi Malaysia |
title_full_unstemmed | Users' perception of the information security policy at Universiti Teknologi Malaysia |
title_short | Users' perception of the information security policy at Universiti Teknologi Malaysia |
title_sort | users perception of the information security policy at universiti teknologi malaysia |
topic | QA75 Electronic computers. Computer science |
url | http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf |
work_keys_str_mv | AT sharifhaniza usersperceptionoftheinformationsecuritypolicyatuniversititeknologimalaysia |