Visible to the public Biblio

Filters: Keyword is Policy ambiguity  [Clear All Filters]
2017-11-20
Buthelezi, M. P., Poll, J. A. van der, Ochola, E. O..  2016.  Ambiguity as a Barrier to Information Security Policy Compliance: A Content Analysis. 2016 International Conference on Computational Science and Computational Intelligence (CSCI). :1360–1367.

Institutions use the information security (InfoSec) policy document as a set of rules and guidelines to govern the use of the institutional information resources. However, a common problem is that these policies are often not followed or complied with. This study explores the extent to which the problem lies with the policy documents themselves. The InfoSec policies are documented in the natural languages, which are prone to ambiguity and misinterpretation. Subsequently such policies may be ambiguous, thereby making it hard, if not impossible for users to comply with. A case study approach with a content analysis was conducted. The research explores the extent of the problem by using a case study of an educational institution in South Africa.