Information security policy compliance model for government agency

Aspects of information security is not sufficient to ensure a high level of information security policies of the organization are met. Behavior of non-compliance with an organization's information security policy is not perfect if they are unable to establish the proper conduct of compliance with existing policies. Human attitude and behavior are the major contributing factors in every information security incident. Therefore, factors affecting their intentions on compliance behavior need to be identified. The purpose of this study is to identify the factors that use the most commonly used modeling elements in the field of psychology and social technology on information security. These factors will form the proposed model that will be validated with the results of a survey from the Information Management Division staff consisting of administrative staff and information technology officers. This study uses a quantitative approach because the most commonly used model design is used in the same field. Statistical software will also be used for analysis purposes in determining the frequency, reliability, and correlation of each factor against compliance in information security policy. A total of 142 respondents gave feedback and showed positive results on 11 factors which is 'Perceived Severity', 'Perceived Vulnerability', 'Response Efficacy', 'Self-Efficacy', 'Perceived Usefulness', 'Perceived Ease of Use', 'Attitude' 'Subjective Norms', 'Awareness', 'Reward' and 'Punishment'. Only one factor gives a negative response to 'Maladaptive Rewards'. The findings of this study will support the proposed compliance model and will guide each government agency in solving the problem of employee behavior in turn will affect the safety of organizational information.

Preview Text FSKTM 2018 50 - IR.pdf Download (2MB) | Preview

Actions (login required)

View Item