Show simple item record

dc.contributor.authorSherif, Emaden_GB
dc.date.accessioned2012-07-24T15:24:36Z
dc.date.available2012-07-24T15:24:36Z
dc.date.issued2012-05
dc.identifier.citationSherif, Emad. (2012) 'Information security policy : the National Payment System in Libya'. MSc Thesis. University of Bedfordshire.en_GB
dc.identifier.urihttp://hdl.handle.net/10547/235594
dc.descriptionA Thesis submitted at the University of Bedfordshire In partial fulfilment for the degree of Master of Science in Information Management and Securityen_GB
dc.description.abstractInformation security officers, practitioners and academics agree that information security policy is the basis of any organisation’s information security. Information security practitioners share and agree that it is rare that information security policy bring out the desirable results. In order to study and analyse this problem, academics have focused on various methods to motivate employees toward policy compliance, however, they have not paid much attention on employees’ expectations and how they perceive the information security policy. Also, employees’ satisfaction and awareness of information security policy is critical as it may improve the security level by decreasing the internal threat risks. In this thesis, analysing organisation’s employees’ expectation about information security policies based on a framework that is formed regarding internal threat motivation, consequences, security behaviour and security countermeasures. Therefore, single case study was adopted in this thesis. The study outcomes along with the case study findings state that organisation’s employees’ expectations toward an information security policy should be paid much attention during forming security regulations and even during implementation of information security policy within organisations. The thesis concludes that employees’ security behaviour is related to their information security background and awareness, as well as, security countermeasures, where if the countermeasures perceived negatively, it may negatively help to increase the risk in terms of internal threat. Finally, security countermeasures must be defined before taking negative actions toward employees, as well as, information security training should be scheduled regularly within organisation and they should be arranged regarding to the organisational groups’ professions.
dc.language.isoenen
dc.publisherUniversity of Bedfordshireen_GB
dc.subjectG500 Information Systemsen_GB
dc.subjectinformation securityen_GB
dc.subjectdata securityen_GB
dc.subjectcomputer securityen_GB
dc.subjectsecurity policyen_GB
dc.subjectinternal threaten_GB
dc.subjectexternal threaten_GB
dc.subjectNational Payment Systemen_GB
dc.subjectLibyaen_GB
dc.titleInformation security policy : the National Payment System in Libyaen
dc.typeThesis or dissertationen
html.description.abstractInformation security officers, practitioners and academics agree that information security policy is the basis of any organisation’s information security. Information security practitioners share and agree that it is rare that information security policy bring out the desirable results. In order to study and analyse this problem, academics have focused on various methods to motivate employees toward policy compliance, however, they have not paid much attention on employees’ expectations and how they perceive the information security policy. Also, employees’ satisfaction and awareness of information security policy is critical as it may improve the security level by decreasing the internal threat risks. In this thesis, analysing organisation’s employees’ expectation about information security policies based on a framework that is formed regarding internal threat motivation, consequences, security behaviour and security countermeasures. Therefore, single case study was adopted in this thesis. The study outcomes along with the case study findings state that organisation’s employees’ expectations toward an information security policy should be paid much attention during forming security regulations and even during implementation of information security policy within organisations. The thesis concludes that employees’ security behaviour is related to their information security background and awareness, as well as, security countermeasures, where if the countermeasures perceived negatively, it may negatively help to increase the risk in terms of internal threat. Finally, security countermeasures must be defined before taking negative actions toward employees, as well as, information security training should be scheduled regularly within organisation and they should be arranged regarding to the organisational groups’ professions.


Files in this item

Thumbnail
Name:
SherifXF-1032226.pdf
Size:
971.7Kb
Format:
PDF
Description:
thesis

This item appears in the following Collection(s)

Show simple item record