Institutional Repository

Factorial invariance of an information security culture assessment instrument for multinational organisations with operations across data protection jurisdictions

Show simple item record

dc.contributor.author Da Veiga, Adele
dc.contributor.author Martins, Nico
dc.date.accessioned 2015-12-02T08:20:00Z
dc.date.available 2015-12-02T08:20:00Z
dc.date.issued 2015-10
dc.identifier.issn 2220-9352
dc.identifier.uri http://hdl.handle.net/10500/19753
dc.description.abstract An information security culture is influenced by various factors, one being regulatory requirements. The United Kingdom (UK) has been regulated through the UK Data Protection Act since 1995, whereas South Africa (SA) only promulgated the Protection of Personal Information Act (PoPI) in 2013. Both laws stipulate requirements from an information security perspective with regard to the processing of personal information, however in the UK this has been regulated for a longer period. Consequently, it is to be expected that the information security culture for organisations in the UK will be significantly different from that of SA. This raises the question as to whether the same information security culture assessment (ISCA) instrument could be used in an organisation with offices in both jurisdictions, and whether it might be necessary to customise it according the particular country’s enforcement of information security and privacy-related conditions. This is reviewed, firstly from a theoretical perspective, and secondly a factorial invariance analysis was conducted in a multinational organisation with offices in both the UK and SA, using data from an ISCA questionnaire, to determine possible factorial invariances in terms of the ISCA. en
dc.language.iso en en
dc.publisher Virtus Interpress en
dc.subject information security en
dc.subject information security culture en
dc.subject factorial invariance en
dc.subject structural equation modelling en
dc.subject data protection en
dc.subject privacy en
dc.subject maturity en
dc.subject South Africa en
dc.subject United Kingdom en
dc.subject PoPI en
dc.title Factorial invariance of an information security culture assessment instrument for multinational organisations with operations across data protection jurisdictions en
dc.type Article en
dc.description.department College of Engineering, Science and Technology en


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search UnisaIR


Browse

My Account

Statistics