Date of Award
2003
Document Type
Dissertation
Degree Name
Doctor of Philosophy
Program
Leadership PhD
First Advisor
Elsie P. Jackson
Second Advisor
Loretta B. Johns
Third Advisor
Douglas A. Jones
Abstract
Purpose of Study. Due to an increase in global competition and employee dishonesty, the need for information security is on the rise. Consequently the XYZ Engineering Center faces an ever-increasing threat of industrial espionage and information theft. Employees of the Center have been given the product-security policy and have been encouraged to secure confidential information. Therefore, this study was designed to determine the level at which employees at the XYZ Engineering Center understand, value, and practice information security. Additionally, the study also examined employee views on physical safety while at work.
Methodology. The study used analysis of variance and a two-sample f-test to statistically analyze the survey results. Quantitative data were collected by use of a questionnaire that was developed by the researcher. The questionnaire was distributed to 395 employees and was completed by 189. A number of hypotheses were developed to examine the relationship between employees’ understanding, valuing, and practicing information security and their length of service with the company, their employment status, and time in their current position. This study revealed that employees with 5 or less years of service appeared not to value, understand, or practice information security as much as employees with more time on the job. Additionally, the study found that contract employees appeared to be less concerned about information security than salaried employees. With regard to physical safety, all employees reported feeling safe at work.
Conclusion. The results o f this study indicate that there is a need for XYZ Engineering Center to place emphasis on working with employees to assure that compliance to security polices is met. While there is need for continued education for all employees, special attention should be given to employees with fewer years of service.
Subject Area
Information technology--Security measures, Industries--Security measures.
Recommended Citation
Mancini, Dale J., "An Examination of Employees' Understanding and Implementation of the Information Security Program at XYZ Engineering Center" (2003). Dissertations. 555.
https://digitalcommons.andrews.edu/dissertations/555
https://dx.doi.org/10.32597/dissertations/555/
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
DOI
https://dx.doi.org/10.32597/dissertations/555/
Files over 3MB may be slow to open. For best results, right-click and select "save as..."
Included in
Business Administration, Management, and Operations Commons, Portfolio and Security Analysis Commons