Enhancing information security awareness and computer ethics for non-information technology company using integrated model

Information security is not a major concern for a company that have minimal exposure to information technology (IT). Information Security Awareness and Computer Ethic were two important elements in securing company asset in terms information security. One of the most critical factors in information...

Full description

Saved in:
Bibliographic Details
Main Author: Zainudin, Mohd. Eyzuan
Format: Thesis
Published: 2010
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utm-ep.16397
record_format uketd_dc
spelling my-utm-ep.163972017-08-23T07:59:27Z Enhancing information security awareness and computer ethics for non-information technology company using integrated model 2010 Zainudin, Mohd. Eyzuan QA75 Electronic computers. Computer science Information security is not a major concern for a company that have minimal exposure to information technology (IT). Information Security Awareness and Computer Ethic were two important elements in securing company asset in terms information security. One of the most critical factors in information security controls identified is information security policy. The purpose of this study is to gauge the level of enforcement and effectiveness of computer ethic and information security policy from user’s perspective. This project involved three phases data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity through observation and informal interview session in understanding the organizational working environment and IT practices. After that, an interview with an IT manager, IT staff and ordinary user is set to understand the current IT practices in the organization. Next, a survey questionnaire is distributed randomly to all staff of the organization to gauge the level of users’ perception on the information security policy and computer ethics. Referring to the statistical data tabulated from the respondent’s feedback on the survey, more than half of the users perceived that they are unaware of security awareness practices in the organization. This study also proposed a theoretical framework model for the effectiveness of the organization’s information security policy and computer ethics. The integration framework of these security models is identified to be a useful basis for reference to the information security practitioner for non IT company. 2010 Thesis http://eprints.utm.my/id/eprint/16397/ http://libraryopac.utm.my/client/en_AU/main/search/detailnonmodal/ent:$002f$002fSD_ILS$002f0$002fSD_ILS:396627/one?qu=Enhancing+information+security+awareness+and+computer+ethics+for+non-information+technology+company+using+integrated+model masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
topic QA75 Electronic computers
Computer science
spellingShingle QA75 Electronic computers
Computer science
Zainudin, Mohd. Eyzuan
Enhancing information security awareness and computer ethics for non-information technology company using integrated model
description Information security is not a major concern for a company that have minimal exposure to information technology (IT). Information Security Awareness and Computer Ethic were two important elements in securing company asset in terms information security. One of the most critical factors in information security controls identified is information security policy. The purpose of this study is to gauge the level of enforcement and effectiveness of computer ethic and information security policy from user’s perspective. This project involved three phases data collection, namely preliminary study, interview and survey. The preliminary study allows an exploratory activity through observation and informal interview session in understanding the organizational working environment and IT practices. After that, an interview with an IT manager, IT staff and ordinary user is set to understand the current IT practices in the organization. Next, a survey questionnaire is distributed randomly to all staff of the organization to gauge the level of users’ perception on the information security policy and computer ethics. Referring to the statistical data tabulated from the respondent’s feedback on the survey, more than half of the users perceived that they are unaware of security awareness practices in the organization. This study also proposed a theoretical framework model for the effectiveness of the organization’s information security policy and computer ethics. The integration framework of these security models is identified to be a useful basis for reference to the information security practitioner for non IT company.
format Thesis
qualification_level Master's degree
author Zainudin, Mohd. Eyzuan
author_facet Zainudin, Mohd. Eyzuan
author_sort Zainudin, Mohd. Eyzuan
title Enhancing information security awareness and computer ethics for non-information technology company using integrated model
title_short Enhancing information security awareness and computer ethics for non-information technology company using integrated model
title_full Enhancing information security awareness and computer ethics for non-information technology company using integrated model
title_fullStr Enhancing information security awareness and computer ethics for non-information technology company using integrated model
title_full_unstemmed Enhancing information security awareness and computer ethics for non-information technology company using integrated model
title_sort enhancing information security awareness and computer ethics for non-information technology company using integrated model
granting_institution Universiti Teknologi Malaysia, Faculty of Computer Science and Information System
granting_department Faculty of Computer Science and Information System
publishDate 2010
_version_ 1747815033753042944