Universiti Teknologi Malaysia Institutional Repository

Enhancing information security awareness and computer ethics for non-information technology company using integrated model

Zainudin, Mohd. Eyzuan (2010) Enhancing information security awareness and computer ethics for non-information technology company using integrated model. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.

Full text not available from this repository.

Official URL: http://libraryopac.utm.my/client/en_AU/main/search...

Abstract

Information security is not a major concern for a company that have minimal exposure to information technology (IT). Information Security Awareness and Computer Ethic were two important elements in securing company asset in terms information security. One of the most critical factors in information security controls identified is information security policy. The purpose of this study is to gauge the level of enforcement and effectiveness of computer ethic and information security policy from user’s perspective. This project involved three phases data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity through observation and informal interview session in understanding the organizational working environment and IT practices. After that, an interview with an IT manager, IT staff and ordinary user is set to understand the current IT practices in the organization. Next, a survey questionnaire is distributed randomly to all staff of the organization to gauge the level of users’ perception on the information security policy and computer ethics. Referring to the statistical data tabulated from the respondent’s feedback on the survey, more than half of the users perceived that they are unaware of security awareness practices in the organization. This study also proposed a theoretical framework model for the effectiveness of the organization’s information security policy and computer ethics. The integration framework of these security models is identified to be a useful basis for reference to the information security practitioner for non IT company.

Item Type:Thesis (Masters)
Additional Information:Supervisor : Assoc. Prof. Dr. Zuraini Ismail; Thesis (Sarjana Sains (Sains Komputer - Keselamatan Maklumat)) - Universiti Teknologi Malaysia 2010
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:16397
Deposited By: Ms Zalinda Shuratman
Deposited On:05 Jul 2017 07:02
Last Modified:23 Aug 2017 07:59

Repository Staff Only: item control page