AN EMPIRICAL STUDY OF STAFF COMPLIANCE TO INFORMATION SECURITY POLICY IN A SOUTH AFRICAN MUNICIPALITY

Download This Article

Nehemiah Mavetera ORCID logo, Ntebogang Dinah Moroke, Abbey Sebetlele

https://doi.org/10.22495/cocv13i1c11p9

Abstract

Despite increasing investment in information security and its strategic role in today’s business success, effective implementation of information security strategies still remains one of the top challenges facing global organizations. This study investigated Information Security Policy compliance of staff members of a municipality in South Africa. Factors such as information security policy, security policy strategic planning, policy implementation and compliance were considered. A questionnaire was distributed to 80 staff members from different sections in this municipality and a response rate of 100% was achieved. The study findings showed that the majority of employees are largely in support of the municipality’s efforts to develop and implement a security policy framework. They also concur that compliance to security policy safeguards and prevents intrusion information, theft and "denial of service". Among other issues, it is recommended that more training and awareness campaigns should be done to all employees in order to improve security of information in this municipality. The study results can be limited by the small number of the population as indicated that the sample was equal to the population (N=n).

Keywords: Information Security Policy; South Africa

How to cite this paper: Mavetera, N., Moroke, N.D., Abbey Sebetlele, A. (2015). An empirical study of staff compliance to information security policy in a South African municipality. Corporate Ownership & Control, 13(1-11), 1375-1384. https://doi.org/10.22495/cocv13i1c11p9