IIUM Repository

Exploring staff perception of InfoSec policy compliance: Palestine Universities empirical study

Mohammad Iriqat, Yousef and Ahlan, Abdul Rahman and Abdul Molok, Nurul Nuha and Abd Rahim, Noor Hayani (2019) Exploring staff perception of InfoSec policy compliance: Palestine Universities empirical study. In: 1st International Conference of Intelligent Computing and Engineering (ICOICE 2019), 15th-16th December 2019, Hadhramout, Yemen.

[img] PDF - Published Version
Restricted to Registered users only

Download (1MB) | Request a copy
[img]
Preview
PDF (SCOPUS) - Supplemental Material
Download (218kB) | Preview

Abstract

There is worldwide recognition of the problems associated with insider threats, intentional and unintentional; One of the significant issues in mitigating InfoSec risks is Staff compliance intention of InfoSec policies (ISP"s). The study purpose seeks to understand and explore Staff compliance intention of ISP"s based on how Staff perceive several factors adopted from multi-Theories from ISP"s research. Such as Sanction from General Deterrence Theory, Rewards as extrinsic motivation, Coping Appraisal from Protection Motivation Theory, and, Information Reinforcement that constitute the theoretical model. In the context of Palestine universities, the research Model first part constitutes the understanding of Staff awareness of ISP"s based on four selected Policy-Focused Areas (PFA) from SANS 2014. Moreover, to assess this knowledge to reflect on the multi-Theory perception factors effects on Staff compliance intention. Furthermore, to investigated Staff SETA to assess how universities value their Staff knowledge on ISP"s. The research Methodology explores the problem empirically using descriptive analysis research design such as summaries and regression analysis. The study has 600 datasets collected from six universities by the developed research quantitative instrument. The findings show that Staff value the importance of the model factors in promoting Staff compliance intention. Staff have some awareness of PFA"s and SETA needs extra attention. The Practical implications for creating ISP compliance among university Staff by drawing on their perception of factors adopted from multi-Theories. Consequently, as for the organisation, effective SETA programs to sustain the effort of Staff compliance intention of ISP"s. Meanwhile, this study seeks to assert that ISP"s compliance is the responsibility of all academic and administrative Staff from all department and as a paradigm for other employees. The research covers ISP perception among Palestine Staff, and the expected outcome includes-A novel theoretical contribution model with six significantly contributing factors. Also, PFA in the context of Palestine contributes as a methodological contribution and Staff SETA as practical research contribution. © 2019 IEEE.

Item Type: Conference or Workshop Item (Plenary Papers)
Additional Information: 1716/82328
Uncontrolled Keywords: —Information Security Policies; InfoSec Policies Compliance; SETA; Policy-Focused Area
Subjects: L Education > LB Theory and practice of education > LB1044 Internet in Education
T Technology > T Technology (General)
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Information and Communication Technology
Kulliyyah of Information and Communication Technology
Depositing User: Assoc Prof Dr. Abd Rahman Ahlan
Date Deposited: 20 Aug 2020 07:54
Last Modified: 20 Aug 2020 07:57
URI: http://irep.iium.edu.my/id/eprint/82328

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year