StudyDaddy Information Systems Rewrite

Rewrite

Significance of the Study 1

The significance of this study will be to expand on previous knowledge of information security. The study explores information security policy awareness, enforcement, and maintenance in relation to information security program effectiveness. Understanding this relationship will provide knowledge that may allow practitioners to develop more effective information security programs. As a result, this study will assist in mitigating employee noncompliance and potentially reduce the percentage of breaches encountered by organizations.

Moreover, reducing the percentage of breaches will eventually minimize the financial burden of organizations due to information security breaches.

The results of this study will add to the body of information on information security. Furthermore, the findings should contribute further information on the relationship between information security policy awareness, enforcement, maintenance and information security program effectiveness. This added information will provide scholars and practitioners with a profound understanding of the effects that information security policy awareness, enforcement, and maintenance have on information security program effectiveness. The study is especially relevant in the mitigation of employee noncompliance to information security policy because data gathered is from the employee’s perspective. Therefore, it addresses the relationships between IVs and DVs from the employee’s point of view. With employees being the weakest link in security programs, this study may provide information that can enhance information security program effectiveness (Knapp & Ferrante, 2012).

Significance of the Study 2

Information security can be achieved through empirical investigation on the implementation of effective organizational Information security program (Hagen, et al.: Herath and Rao). Effective information security program improves information security (Jolmston & Hale. 2009). by maintaining integrity. confidentiality, and availability, while providing appropriate and consistent information, achieving adequate organizational goals. Effective information security program. utilizes resources efficiently, and implements effective internal control measures that provide reasonable assurance that available control objectives are effective enough to thwart, detect, prevent or correct any threats in a timely manner (Vîlsanoiu. & Serban, 2010).

Information system of today faces more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users’ disinclination to follow appropriate security measures (Lomo-David. et al. 2011). Mitigating the effect of security breaches requires a strong Information Security Management (ISM) (Ma Sclmiidt & Pearson 2009). Many researchers agree that protecting information systems is necessary for an organization to maintain information availability. reliability, and confidentiality; however, literature on the actions that would best meet IS challenges in developing countries are inadequate.

Lack of effective IS program in developing countries is the reason for IS vulnerabilities (Abu-Musa 2010), particularly in Nigerian private and public organizations. .Many businesses are at risk due to emerging security threats, and there are few literatures that address IS program effectiveness. An available literature on IS program effectiveness found that organization’s IS policy is a critical document that must address security issues and eventually encourage IS effectiveness (Knapp & Ferrante, 2012).

Effective ISP is essential to organizations, as security breaches can be very expensive especially those breaches perpetrated by employees (Wall, et al. 2013). Having the right tools to respond to threats would help businesses stay competitive and perform well (Hall et al. 2011).

Given these, this study assessed whether policy awareness, policy enforcement, and policy maintenance contribute to Information Security Program (ISP) effectiveness in Nigerian organizations. No One has evaluated what facilitates effective Information Security program in Nigerian organizations. This study hopes to bridge the gap and contribute to the literature on what facilitates effective information security program in developing countries and Nigeria, In particular.

Definitions of Terms

Information security program effectiveness (SPE). This is a measure of performance that determines whether the program is achieving its objective of protecting the organization’s information (Knapp & Ferrante, 2012).

Information security policy awareness (ISPA). This is the organization’s effort to educate employees about security policies (Knapp & Ferrante, 2012).

Information security policy enforcement (ISPE). This is the organization’s effort to correct an employee’s policy violation (Knapp & Ferrante, 2012).

Information security maintenance (ISPM). This is the organization’s effort to update policies periodically (Knapp & Ferrante, 2012).

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!