Impact of Information Security Policies on Organisation Characteristic and Organisation Changes


Ahmed, Reaz and Tan, Olivia Swee Leng and Khan, Shereen (2022) Impact of Information Security Policies on Organisation Characteristic and Organisation Changes. In: Postgraduate Social Science Colloquium 2022, 1 - 2 June 2022, Online.

[img] Text
aug 2022.pdf
Restricted to Repository staff only

Download (1MB)


Background - Information systems nowadays are cornerstones of any company. Beside the speedy advancements in info technology (IT), a rising range of security risks and incidents have increased in severity, impact and nature. Malaysia, like many other countries in the world, aims to attain its vision to become a knowledge-based nation. Information Technology (IT) industry is contributing to Malaysia's Gross Domestic Product (GDP) and gaining worldwide competitive advantage. At present studies concentrated on factors those impact employees to agree to the information security strategy. But some vital measurements have not yet been tried experimentally. The literatures so far have shown that there is no such measurement that impacts the organisation characteristic and organisation culture on information security policy and the influence of awareness of the information security policies on the information security. Purpose - The purpose of this research is to examine whether organisation characteristic and organisation culture have any impact on changes in existing information security policies or making new policies are necessary to escape from huge monetary loss that the Malaysian organisations are facing now due to terrifyingly increasing amount of cybercrimes. Design/methodology/approach - This research would follow positivist in epistemological philosophy trough functionalist paradigm. General Deterrence Theory (GDT) and Theory of Planned Behaviour (TPB) have been used as theoretical framework to guide the findings of this research. This research would follow quantitative research method through deductive approach following cross sectional time horizon. Findings/Expected Contributions - The expected outcomes of this research may have several expected contributions. Firstly, the expected outcomes should provide direction to organisations and expert professionals. It is because the organisations are now facing monetary loss due to cybercrimes. Based on the findings of this research the organisations and expert professionals will be able to understand whether any change in the existing policies are required or not. In case, if any organisation does not have any information security policy, based on the findings of this research, may consider of implementing such policy to protect or reduce the level of monetary loss the organisation is facing due cybercrimes. Secondly, from relevant research gap the researcher has revealed that the expected outcomes would be an innovative study for Cyberjaya and Klang Valley of Malaysia. From earlier researches the researcher has found till to date no such research had been conducted based on these two regions. Thirdly, the expected research outcomes should provide direction to government officials and public policy and lawmakers to prepare education and training materials for focused groups. It is really important to include cybersecurity issues in education and training materials to create a good social awareness which at present is quite lacking. Once it is included in education and training materials general people will be more alert and therefore cybercriminals cannot affect the society much. Research limitations - As like as all other researches this research would also have some limitations. Hopefully the future researchers who are interested to work extensively based on the similar research area, that is, information security can improve by focusing on these issues. Firstly, the focus of this research is a single developing nation, Malaysia. The future researchers can conduct the research in other developing and developed nations using the proposed model of this research. To enhance assumption of the findings future researchers may also incorporate a larger sample size besides widening the sample area. Secondly, the researcher of this research after extensive reviews of literature found that this research is first of its types using the independent, mediating and dependent variables. In future the researchers may conduct the study using different theoretical framework and other data analysis technique. Thirdly, this research would be focused on Cyberjaya, the main IT hub and the Klang Valley. The future researches may include comparative studies with the neighbour countries, comparative studies within ASEAN (Association of Southeast Asian Nations) countries or within the SAARC (South Asian Association for Regional Cooperation) countries beside more expandable regions, etc. Lastly, in this research one single model would be introduced. For an organisation a model shaped can be utilised as a guide in changing, modifying, updating or growing further ones for different organisations. The future researchers can go for further researches using another model or more than one models. Originality/value - The results of the pilot study so far have revealed that the value of cronbach’s alpha (α) for all the constructs are within the satisfactory level. The findings of the pilot study have proved that the internal consistency for the constructs are either “good” or “excellent”. In brief, the results of the pilot study are showing that the constructs used in this research are reliable to proceed further. Based on the results of the pilot study the researcher has already started collecting data and in the midst of collecting data. Also from the background of the study it is clear that this is a unique study as till to date the constructs used in this research are unique.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Information Security, Information Security Policy, Organisation Characteristic, Organisation Change, Quantitative Research
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD28-70 Management. Industrial Management
Divisions: Faculty of Management (FOM)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 17 Aug 2022 07:05
Last Modified: 17 Aug 2022 07:05


Downloads per month over past year

View ItemEdit (login required)