Return to search

Organisational information security management : the impact of training and awareness : evaluating the socio-technical impact on organisational information security policy management

Security breaches have attracted attention from corporations and scholars alike. The major organisations are determined to stop security breaches as they are detrimental to their success. Arguably the most common factor contributing to these breaches is employee behaviour, which suggests that changes in employee behaviour can have an impact on improving security. This research aims to study the critical factors (CFs) that impact on employee behaviours toward compliance with their organisation's information security policy. This investigation will focus on the various critical success factors based on their grouping into one of the following three major categories, namely: organisational factors, behavioural factors and training factors. Each of these categories affects a different aspect of information security and the objective is to not only understand the interaction of different factors but also to study further the aims in order to provide practical recommendations for improving organisational information security management. This study has utilised empirical research through the use of both qualitative and quantitative methodologies to inform each stage of the research. This study focused on the health, business and education sectors by empirically evaluating the obstacles and success factors that affect employee compliance to organisational security policies. In addition, this study also evaluated the affect of the socio-technical impact on organisational information security management. The final stage of the research focused on developing an effective training and awareness programme. This training programme was constructed by incorporating the techniques that were identified as enhancing employee perceptions, attitudes and motivations, in order to facilitate a better transference of skills and more sustainable and appropriate behaviours to improve organisational information security management in the workplace. The techniques utilised included: effective communication, knowledge reinforcement, pre- and post-assessment and motivational techniques.

Identiferoai:union.ndltd.org:bl.uk/oai:ethos.bl.uk:583020
Date January 2013
CreatorsWaly, Nesren Saleh
ContributorsTassabehji, Rana; Kamala, Mumtaz
PublisherUniversity of Bradford
Source SetsEthos UK
Detected LanguageEnglish
TypeElectronic Thesis or Dissertation
Sourcehttp://hdl.handle.net/10454/5666

Page generated in 0.0017 seconds