Institutional Repository

Awareness and training: the influence on end-user' attitude towards information security policy compliance

Show simple item record

dc.contributor.advisor Abdullah, Hanifah
dc.contributor.author Snyman, Mmabatho Charity
dc.date.accessioned 2018-05-25T12:02:10Z
dc.date.available 2018-05-25T12:02:10Z
dc.date.issued 2017-02
dc.identifier.citation Snyman, Mmabatho Charity (2017) Awareness and training: the influence on end-user' attitude towards information security policy compliance, University of South Africa, Pretoria, <http://hdl.handle.net/10500/24107>
dc.identifier.uri http://hdl.handle.net/10500/24107
dc.description.abstract Research accentuates that end-users‘ noncompliance with information security policy (ISP) is a key concern for government just as it is for the private sector. Although awareness and training programmes are important factors impacting employees‘ intentions to comply with an organisation‘s ISP, it can be argued that there is insufficient empirical evidence to support this assertion. To address this gap, this study seeks to expand research on ISP compliance by focusing on attitudes as targets of change. A research model based on the Theory of Planned Behaviour was proposed to illustrate the influence of ISP awareness training on end-users‘ attitudes towards complying with their organisation‘s ISP. Relevant hypotheses were developed to test the research conceptualisation. A survey and an experiment was undertaken to collect the data from a sample of 173 end-users of a single government organisation in one province. The data was captured and analysed using a Statistical Package for Social Sciences (SPSS). Furthermore, Structural Equation Modelling (SEM) was used to test whether the overall model appears to be a good fit to support the hypotheses. The reliability, validity, and model fit were found to be statistically significant, and three out of five research hypotheses were supported. Overall this study contributes to the existing body of knowledge by providing an understanding of the methods that can be used to encourage end-users‘ ISP compliance behaviour through an attitudinal shift, thereby targeting end-users‘ attitude as a means to improve information security policy compliance. Implications of the findings are further discussed in the paper. en
dc.format.extent 1 online resource (xvii, 169 pages) en
dc.language.iso en en
dc.subject Attitudes en
dc.subject Information security en
dc.subject Information security policy en
dc.subject Awareness training en
dc.subject Intentions to comply en
dc.subject Information security compliance en
dc.subject Self-efficacy en
dc.subject.ddc 005.8
dc.subject.lcsh Information technology -- Security measures en
dc.subject.lcsh Business enterprises -- Computer networks -- Security measures en
dc.subject.lcsh Information technology -- Government policy en
dc.subject.lcsh Computer security -- Government policy en
dc.subject.lcsh Data protection -- Government policy en
dc.subject.lcsh Computer networks -- Security measures en
dc.subject.lcsh Compliance auditing en
dc.subject.lcsh Information technology -- Management en
dc.title Awareness and training: the influence on end-user' attitude towards information security policy compliance en
dc.type Dissertation en
dc.description.department Information Technology
dc.description.degree M. Tech. (Information Technology)


Files in this item

This item appears in the following Collection(s)

  • Unisa ETD [12744]
    Electronic versions of theses and dissertations submitted to Unisa since 2003

Show simple item record

Search UnisaIR


Browse

My Account

Statistics