Show simple item record

dc.contributor.advisorRainer, R. Kelly
dc.contributor.advisorMarshall, Thomasen_US
dc.contributor.advisorFord, F. Nelsonen_US
dc.contributor.authorRyan, Jamesen_US
dc.date.accessioned2009-02-23T15:52:36Z
dc.date.available2009-02-23T15:52:36Z
dc.date.issued2006-08-15en_US
dc.identifier.urihttp://hdl.handle.net/10415/1327
dc.description.abstractThe study compared the awareness and practice of information security between formal and informal computing-environments. This study was conducted to develop a measurement instrument for user-level awareness and practice of information security and establish a foundation upon which further research could be based. The study results included a delineation of the information security awareness domain, a tested measurement instrument, a tested model for user-level information security awareness, and a statistical profile of user-level information security awareness and practice among employees of a public research university. Characteristics which represent the operational definition of information security awareness and practice were found to be: personal innovativeness, computer self-efficacy, individual awareness, formal practice, and informal practice. Individual awareness was measured over perspectives of technology, policy, and threat-context. Formal practice was measured over perspectives of deterrent, preventive, and combined deterrent-preventive efforts. Informal practice was measured over perspectives of access control, physical protection, user authentication, security management, and encryption. Established scales were used to measure personal innovativeness and computer self-efficacy. The measurement instrument also included demographic variables and technology variables between computing-environments. All of these characteristics were considered ISA domain measures and were included in the developed measurement instrument. The extent of user-level information security awareness was supported by the measure to which these characteristics were acknowledged by individual computer users. A sample of 531 university employees indicated that the measurement instrument exhibited acceptable properties of reliability and validity. The survey data showed that the university employees had information security awareness to some extent. Also, the sample data had satisfactory fit within the research model. The study’s results supported the research model hypotheses. Personal innovativeness and computer self-efficacy had direct, positive relationships with individual awareness. Individual awareness mediated personal innovativeness and computer self-efficacy over direct, positive relationships with formal and informal practice. Formal practice mediated individual awareness over a direct, positive relationship with informal practice. The study’s results also indicated demographic and technology known-groups had effects over the ISA domain measures.en_US
dc.language.isoen_USen_US
dc.rightsEMBARGO_NOT_AUBURNen_US
dc.subjectManagementen_US
dc.titleA Comparison Of Information Security Trends Between Formal And Informal Environmentsen_US
dc.typeDissertationen_US
dc.embargo.lengthMONTHS_WITHHELD:36en_US
dc.embargo.statusEMBARGOEDen_US
dc.embargo.enddate2012-02-23en_US


Files in this item

Show simple item record