In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)
5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)
Title: What Matters Most Among Human Factors to Comply With Organisation's Information Security Policy?
Author(s): Muhammad Arif
Keywords: Human Factors, Information Security( IS), Information Security Policy (ISP), Willigness to Comply, Reinforcement, Threat Perception, TRAs
Abstract: An organization's success or failure in achieving or maintaining its competitive edge mostly depends on its Human Resource. In a striking semblance! organizations both public and corporate around the world are awakening to this reality that security of their information that consists of data basis developed over years of learning as well as research and development, which are critical to their uniqueness may be lost in fraction of time due no one else's doing but their own very HR. Generally more trust was being placed in technology rather than human elements to ensure Information Security (IS), however, happenings over the time have turned the balance as more than 75 % cases reported around the world Pahnila et al, (2007) have been attributed to human factors like, Security Culture, Awareness, Training, Threat perception and Reinforcement. An empirical study employing both quantitative and qualitative research has been performed to validate the proposed Conceptual Framework based on above human factors deemed important for achieving willingness of the IT users to comply with organizations' Information Security Policies (ISPs). Findings confirm viability of conceptual framework as well as statistical model used. Organization's Security Culture emerges as leading human factor contributing to the overall IT security of an organization followed by Awareness and Training. Findings can be generalized for other geographical regions especially which have resemblance in terms of development, culture and literacy as of Karachi cosmopolitan city of Pakistan.
Download count: 1658
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.