Information security policy : the National Payment System in Libya

4.75
Hdl Handle:
http://hdl.handle.net/10547/235594
Title:
Information security policy : the National Payment System in Libya
Authors:
Sherif, Emad
Abstract:
Information security officers, practitioners and academics agree that information security policy is the basis of any organisation’s information security. Information security practitioners share and agree that it is rare that information security policy bring out the desirable results. In order to study and analyse this problem, academics have focused on various methods to motivate employees toward policy compliance, however, they have not paid much attention on employees’ expectations and how they perceive the information security policy. Also, employees’ satisfaction and awareness of information security policy is critical as it may improve the security level by decreasing the internal threat risks. In this thesis, analysing organisation’s employees’ expectation about information security policies based on a framework that is formed regarding internal threat motivation, consequences, security behaviour and security countermeasures. Therefore, single case study was adopted in this thesis. The study outcomes along with the case study findings state that organisation’s employees’ expectations toward an information security policy should be paid much attention during forming security regulations and even during implementation of information security policy within organisations. The thesis concludes that employees’ security behaviour is related to their information security background and awareness, as well as, security countermeasures, where if the countermeasures perceived negatively, it may negatively help to increase the risk in terms of internal threat. Finally, security countermeasures must be defined before taking negative actions toward employees, as well as, information security training should be scheduled regularly within organisation and they should be arranged regarding to the organisational groups’ professions.
Citation:
Sherif, Emad. (2012) 'Information security policy : the National Payment System in Libya'. MSc Thesis. University of Bedfordshire.
Publisher:
University of Bedfordshire
Issue Date:
May-2012
URI:
http://hdl.handle.net/10547/235594
Type:
Thesis or dissertation
Language:
en
Description:
A Thesis submitted at the University of Bedfordshire In partial fulfilment for the degree of Master of Science in Information Management and Security
Appears in Collections:
Masters e-theses

Full metadata record

DC FieldValue Language
dc.contributor.authorSherif, Emaden_GB
dc.date.accessioned2012-07-24T15:24:36Z-
dc.date.available2012-07-24T15:24:36Z-
dc.date.issued2012-05-
dc.identifier.citationSherif, Emad. (2012) 'Information security policy : the National Payment System in Libya'. MSc Thesis. University of Bedfordshire.en_GB
dc.identifier.urihttp://hdl.handle.net/10547/235594-
dc.descriptionA Thesis submitted at the University of Bedfordshire In partial fulfilment for the degree of Master of Science in Information Management and Securityen_GB
dc.description.abstractInformation security officers, practitioners and academics agree that information security policy is the basis of any organisation’s information security. Information security practitioners share and agree that it is rare that information security policy bring out the desirable results. In order to study and analyse this problem, academics have focused on various methods to motivate employees toward policy compliance, however, they have not paid much attention on employees’ expectations and how they perceive the information security policy. Also, employees’ satisfaction and awareness of information security policy is critical as it may improve the security level by decreasing the internal threat risks. In this thesis, analysing organisation’s employees’ expectation about information security policies based on a framework that is formed regarding internal threat motivation, consequences, security behaviour and security countermeasures. Therefore, single case study was adopted in this thesis. The study outcomes along with the case study findings state that organisation’s employees’ expectations toward an information security policy should be paid much attention during forming security regulations and even during implementation of information security policy within organisations. The thesis concludes that employees’ security behaviour is related to their information security background and awareness, as well as, security countermeasures, where if the countermeasures perceived negatively, it may negatively help to increase the risk in terms of internal threat. Finally, security countermeasures must be defined before taking negative actions toward employees, as well as, information security training should be scheduled regularly within organisation and they should be arranged regarding to the organisational groups’ professions.en_GB
dc.language.isoenen
dc.publisherUniversity of Bedfordshireen_GB
dc.subjectG500 Information Systemsen_GB
dc.subjectinformation securityen_GB
dc.subjectdata securityen_GB
dc.subjectcomputer securityen_GB
dc.subjectsecurity policyen_GB
dc.subjectinternal threaten_GB
dc.subjectexternal threaten_GB
dc.subjectNational Payment Systemen_GB
dc.subjectLibyaen_GB
dc.titleInformation security policy : the National Payment System in Libyaen
dc.typeThesis or dissertationen
This item is licensed under a Creative Commons License
Creative Commons
All Items in UOBREP are protected by copyright, with all rights reserved, unless otherwise indicated.