Please use this identifier to cite or link to this item:
https://etd.cput.ac.za/handle/20.500.11838/2749
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | De la Harpe, André | en_US |
dc.contributor.advisor | Afolayan, Ayodeji Olanrewaju | en_US |
dc.contributor.author | Michiel, Michael | en_US |
dc.date.accessioned | 2018-12-07T10:42:24Z | - |
dc.date.available | 2018-12-07T10:42:24Z | - |
dc.date.issued | 2018 | - |
dc.identifier.uri | http://hdl.handle.net/20.500.11838/2749 | - |
dc.description | Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2018. | en_US |
dc.description.abstract | In today’s world, organisations cannot exist without having information readily available. The protection of information relies not only on technology but also on the behaviour of employees. The failure to institutionalise an information security culture inside an organisation will cause the continued occurrence of security breaches. The aim of the research is to explore how an information security culture can be institutionalised within a petroleum organisation in the Western Cape. The primary research question is posed as follows: “What are the factors affecting the institutionalisation of an information security culture?” To answer the research question, a study was conducted at a petroleum organisation in the Western Cape. A subjectivist ontological and interpretivist epistemological stance has been adopted and an inductive research approach was followed. The research strategy was a case study. Data for this study were gathered through interviews (12 in total) using semi-structured questionnaires. The data collected were transcribed, summarised, and categorised to provide a clear understanding of the data. For this study, twenty-four findings and seven themes were identified. The themes are: i) user awareness training and education; ii) user management; iii) compliance and monitoring; iv) change management; v) process simplification; vi) communication strategy; and vii) top management support. Guidelines are proposed, comprising four primary components. Ethical clearance to conduct the study was obtained from the Ethics committee of CPUT and permission to conduct the study was obtained from the Chief Information Officer (CIO) of the petroleum organisation. The findings point to collaboration between employees, the Information Security department, and management in order to institute a culture of security inside the organisation. | en_US |
dc.language.iso | en | en_US |
dc.publisher | Cape Peninsula University of Technology | en_US |
dc.subject | Corporations -- Security measures | en_US |
dc.subject | Computer security | en_US |
dc.subject | Corporate culture | en_US |
dc.subject | Information technology -- Security measures | en_US |
dc.subject | Security systems | en_US |
dc.title | The institutionalisation of an information security culture in a petroleum organisation in the Western Cape | en_US |
dc.type | Thesis | en_US |
Appears in Collections: | Information Technology - Master's Degree |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
216272149-Michiel-Michael-MTech-Information Technology-Inf&Des-2018.pdf | Thesis | 1.56 MB | Adobe PDF | View/Open |
Page view(s)
736
Last Week
0
0
Last month
6
6
checked on Nov 24, 2024
Download(s)
656
checked on Nov 24, 2024
Google ScholarTM
Check
Items in Digital Knowledge are protected by copyright, with all rights reserved, unless otherwise indicated.