Information security policy perceived compliance model for staff in Palestine Universities /

Information security policies play a significant role in securing university information assets. There should be clear information security policies in place to ensure effective staff compliance—policy perceptibility has a positive impact on employee adherence. The focus of the research is staff com...

Full description

Saved in:
Bibliographic Details
Main Author: Iriqat, Yousef Mohammad Mousa (Author)
Format: Thesis
Language:English
Published: Kuala Lumpur : Kulliyyah of Information and Communication Technology, International Islamic University Malaysia, 2020
Subjects:
Online Access:http://studentrepo.iium.edu.my/handle/123456789/10424
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Information security policies play a significant role in securing university information assets. There should be clear information security policies in place to ensure effective staff compliance—policy perceptibility has a positive impact on employee adherence. The focus of the research is staff compliance intention of information security policies in Palestine universities. There is a need for empirical analysis on staff perception of information security policies compliance based on the intersection and combination of factors adopted from research on multiple information security theories that could have a direct/ indirect effect on staff compliance intention. Therefore, this study seeks to understand and explore staff compliance intention of information security policies based on how they perceive several factors such as perceived sanction from general deterrence theory, perceived rewards as extrinsic motivation, perceived coping appraisal from protection motivation theory, and, information quality, information privacy and facilitating conditions perceived factors from information reinforcement. Therefore, we propose a theoretical novel model built around the perception core model and the Palestinian context. The core model constitutes the perception factors, that is, how “perceived” factors directly affect “perceived” intention to comply. Our model is suited for the Palestinian context, as it works to understand staff compliance of information security policies based on staff perception of policy focused areas and staff security education and training awareness. To significantly implement the theoretical research model, the population of the study covers a wide area of Palestine form several universities to validate and confirm the model empirically using structural equation modelling. The study research design is an empirical, quantitative, exploratory (and descriptive), in addition to the developed research instrument incorporated to achieve the research methods and objectives specifically. The study objective was achieved by carefully reviewing the most appropriate potential approaches to the problem. The researcher sought a model that could find and explain any gaps in staff perception of information security policies and model factors. Thus, a novel model was designed, validated and tested. This study made a theoretical contribution through its novel model. The use of policy focused areas made the model incorporate elements from the Palestinian context directly. This is important, as current staff perceptions of information security policies play a significant role in studying them and discussing potential future policies. In this sense, it provides a methodological contribution. Furthermore, the use of data on security education and training awareness enabled us to provide potential solutions to existing problems more effectively. Security education and training awareness programs demonstrably enhance compliance intention and unify efforts between universities and their employees to mitigate security threats from insiders, be they intentional or unintentional. This constitutes a practical contribution.
Item Description:Abstracts in English and Arabic.
"A thesis submitted in fulfilment of the requirement for the degree of Doctor of Philosophy in Information Technology." --On title page.
Physical Description:xvi, 276 leaves : illustrations ; 30cm.
Bibliography:Includes bibliographical references (leaves 234-255).