INFORMATION SECURITY AWARENESS IN CORPORATE GOVERNANCE
Sham Sul Kamal Wan Fakeh , Mohd Sazili Shahibi, Adnan Jamaludin , Wan Ab Kadir Wan Dollah , Muhammad Khairulnizam Zaini , Yamin Kamis, Ahmad Soufiean Othman
The matrix analysis of the literature review in this study succeeded in producing factors that contribute to information security awareness. Information security awareness plays an important role in the continuity of an organization. Information security refers to the elements of confidentiality, integrity, and availability, of data or information, in an organization. The research began with definitions of information, information security, and information security awareness, as identified by previous publications. The four independent variables established in this study are policy of information security, education of information security, knowledge of IT, and employee’s behaviour towards information security in the workplace. A survey was selected as a research method for the study, and was conducted in order to gain respondent’s feedback on the level of information security awareness. The survey findings showed that the level of information security awareness was considered high, but the relation or contribution factors proposed by this study were only slight correlated.
Information Security, awareness, organization, variables, integrity
 Ahmad, A.M (2010). Information security governance in Saudi organizations: an empiral studhy. Information Management & Computer Security, 18 (4), 226-276.
 Blyth, A., & Kovacich, G. (2006). Information assurance: Security in the information. Cambridge: Spriger.
 Burn,R.B.(2000).Introduction to research method.Australia: Longman
 Caroll, M.D. (2006). Information security: Examining and managing the insider threat. ACM Proceeding of the 3rd Annual Conference on Information Security Curriculum Development 2006. Kennesaw.
 ENISA. (2006). A users’ Guide: How to raise information security awareness. Retrieved March 17, 2012.
 Gross, J.B, (2008). Looking for trouble: ACM Proceedings of the 2008 Human Interaction for the Management of Information Technology. (p.10) Cambridge. MA.
 Kruger, H.A., & Kearney, W.D.(2006). A Prototype for assessing information security awareness. Computer & Security, 25, 289-289.
 Saint-Gemain, R. (2005). Information security management best practice based on ISO/IEC 17799. Information Management Journal, 39 (4), 60-65.
 Stroub, D.W. (1990). Effective IS Security: An Empirical Study. Information System Research, 1 (3), 255-276.
 Takemura, T. (2011), A Quantitative Study on Japenes Workers’ Awareness to Information Security Using the data collected by Web based survey, American Journal of Economics and Business Administration, 20-26.
 Theiss, H. (1983). On Terminology. Information Science in Action: System Design, 1,84-94.
 Thomson, M.E., & Solms, R.v. (1998). Information security awareness: educating your users effectively. Information Management & Computer Security, 6 (4), 167-173.
 Tipton, H.F., & Krause, M. (Eds.) (2004). Information Security Management Handbook (5th Edition ed.) U.S.A: CRC Press LC.
 Vroom, C., 7 R.v. Solms, 2004. Towards information security behavioral compliance. Computers & Security, 23(3): 191-198.
 Whitman, M.E., & HJ. Mattord, 2005. Principles of Information Security (2nd Edition ed.). Australia: Thomson course Technolgy
[Sham Sul Kamal Wan Fakeh , Mohd Sazili Shahibi, Adnan Jamaludin , Wan Ab Kadir Wan Dollah , Muhammad Khairulnizam Zaini , Yamin Kamis, Ahmad Soufiean Othman (2014), INFORMATION SECURITY AWARENESS IN CORPORATE GOVERNANCE, International Journal of Innovative Research in Computer Science & Technology (IJIRCST), Vol-2, Issue-3, Page No-93-98], (ISSN 2347 - 5552). www.ijircst.org
Sham Sul Kamal Wan Fakeh
Faculty of Information, University Teknologi (UiTM) Mara Shah Alam, Selangor Malaysia, 019-6038522, 03-79622143 (e-mail: firstname.lastname@example.org)