Users' perception of the information security policy at Universiti Teknologi Malaysia

Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to...

Full description

Bibliographic Details
Main Author: Sharif, Haniza
Format: Thesis
Language:English
Published: 2009
Subjects:
Online Access:http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf
_version_ 1825909709821968384
author Sharif, Haniza
author_facet Sharif, Haniza
author_sort Sharif, Haniza
collection ePrints
description Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to gauge the level of enforcement and effectiveness of Universiti Teknologi Malaysia's (UTM) InfoSec policy from the users perspective. This study involved three phases of data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity in understanding the information technology (IT) arrangement and organizational structural practices in UTM environment. Next, an interview with an IT-expert aimed to understand the establishment of the InfoSec in UTM. Then, a survey questionnaire is distributed to post-graduate and non-IT staff of UTM, International Campus, Kuala Lumpur to gauge the level of users perception on the institution's security policy. The study had found that that nearly half of the users perceived that they are aware, understand and accept the UTMs policy, with more than half of the them agreed that the UTMs policy is effective. The study also proposed a theoretical framework model for the effectiveness of the institutions InfoSec policy. The model which consists of enforcement, users awareness, users understanding and users acceptance identified as the independent variables, whereas an effectiveness of InfoSec policy identified as dependant variable. This proposed framework model may be useful as a basis for reference not only for researchers in this field but also for practitioner in developing the InfoSec policy.
first_indexed 2024-03-05T18:06:13Z
format Thesis
id utm.eprints-5291
institution Universiti Teknologi Malaysia - ePrints
language English
last_indexed 2024-03-05T18:06:13Z
publishDate 2009
record_format dspace
spelling utm.eprints-52912018-02-28T07:56:21Z http://eprints.utm.my/5291/ Users' perception of the information security policy at Universiti Teknologi Malaysia Sharif, Haniza QA75 Electronic computers. Computer science Securing information is essential for safeguarding the organization business operations as information is a business asset to any organization including education sector. One of the most imperative information security (InfoSec) controls identified is InfoSec policy. The purpose of this study is to gauge the level of enforcement and effectiveness of Universiti Teknologi Malaysia's (UTM) InfoSec policy from the users perspective. This study involved three phases of data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity in understanding the information technology (IT) arrangement and organizational structural practices in UTM environment. Next, an interview with an IT-expert aimed to understand the establishment of the InfoSec in UTM. Then, a survey questionnaire is distributed to post-graduate and non-IT staff of UTM, International Campus, Kuala Lumpur to gauge the level of users perception on the institution's security policy. The study had found that that nearly half of the users perceived that they are aware, understand and accept the UTMs policy, with more than half of the them agreed that the UTMs policy is effective. The study also proposed a theoretical framework model for the effectiveness of the institutions InfoSec policy. The model which consists of enforcement, users awareness, users understanding and users acceptance identified as the independent variables, whereas an effectiveness of InfoSec policy identified as dependant variable. This proposed framework model may be useful as a basis for reference not only for researchers in this field but also for practitioner in developing the InfoSec policy. 2009-04 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf Sharif, Haniza (2009) Users' perception of the information security policy at Universiti Teknologi Malaysia. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.
spellingShingle QA75 Electronic computers. Computer science
Sharif, Haniza
Users' perception of the information security policy at Universiti Teknologi Malaysia
title Users' perception of the information security policy at Universiti Teknologi Malaysia
title_full Users' perception of the information security policy at Universiti Teknologi Malaysia
title_fullStr Users' perception of the information security policy at Universiti Teknologi Malaysia
title_full_unstemmed Users' perception of the information security policy at Universiti Teknologi Malaysia
title_short Users' perception of the information security policy at Universiti Teknologi Malaysia
title_sort users perception of the information security policy at universiti teknologi malaysia
topic QA75 Electronic computers. Computer science
url http://eprints.utm.my/5291/1/HanizaSharifMFSKSM2009.pdf
work_keys_str_mv AT sharifhaniza usersperceptionoftheinformationsecuritypolicyatuniversititeknologimalaysia