Understanding Human Behaviour in Information Security Policy Compliance in a Malaysian Local Authority Organization

Norhayati Sarmoen, Haliyana Khalid, Siti Zaleha Abd Rasid, Shathees A L Baskaran, Rohaida Basiruddin


The utilization of the Information and Communications Technology (ICT), such as the Internet and electronic mail (e-mail) has made communication nowadays easier, faster and has tremendously reduced the usage of paper. However, if the usage of internet is not properly managed, the possibility of confidential information leakage from the inside of the organization to other entities outside of the organization may occur. The impacts of this malicious activity are beyond the boundaries and cannot be controlled despite implementing various preventive steps and enforcing various regulations.  Previous studies have outlined different factors in influencing information leakages in various organizations. However, none had really identified the severity of the factors up to this day. This research hopes to fill this gap, by focusing on staff in Majlis Perbandaran Pasir Gudang (MPPG), Johor, Malaysia. This study covers factors related to human behaviour which have led towards the cases of information breach. The factors include the lack of understanding of information policy, the lack of training, poor management support and the insensitivity of the staffs toward safeguarding the information from falling to the wrong hands. Thus, it is suggested that the ICT security protection needs to be robust, secure and reliable so that the use of the internet or social media will not only enhance the communication efficiency, but also to ensure that the information security in an organization is at the most optimum level.

Full Text:


DOI: https://doi.org/10.5296/bms.v10i2.14909

Copyright (c) 2019 Norhayati Sarmoen, Haliyana Khalid, Siti Zaleha Abd Rasid, Shathees A L Baskaran, Rohaida Basiruddin

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Business Management and Strategy  ISSN 2157-6068

Copyright © Macrothink Institute 

To make sure that you can receive messages from us, please add the 'macrothink.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.

If you have any questions, please contact bms@macrothink.org.