Gadzama W.A., Katuka J.I., Gambo Y., Abali A.M., Usman M.J.
Department of Information Security, Universiti Teknologi Malaysia, Malaysia; Department of Computer Science, Universiti Teknologi Malaysia, Malaysia; Department of Computer Science, Adamawa State University Mubi, Nigeria; Department of Computer Science, F
Gadzama, W.A., Department of Information Security, Universiti Teknologi Malaysia, Malaysia; Katuka, J.I., Department of Computer Science, Universiti Teknologi Malaysia, Malaysia; Gambo, Y., Department of Computer Science, Adamawa State University Mubi, Nigeria; Abali, A.M., Department of Computer Science, Federal University Dutse, Nigeria; Usman, M.J., Department of Mathematical Sciences, Bauchi State University Gadau, Nigeria
Information security policy has become an integral part of today’s organizational operations. It is a set of rules that guides computer resource users t259429499 ensure confidentiality, integrity and availability of organization information resources. Federal Inland Revenue Service of Nigeria is a government organization that is responsible for collecting revenues to the government. Due to its nature, it is concerned with how to protect and manage its information resource. This can only be achieved through implementation of an effective information security policy. This policy will help to ensure the confidentiality, integrity and availability of its information assets are protected. The purpose of the study is to find out the precise nature of existing information security policy and also to access the level of IT staffs awareness and usage of the policy in organizations of developing countries using Federal Inland Revenue service, Nigeria as a study area. Questionnaires were distributed which consist of both open and closed ended questions. The data collected were analyzed and presented. The study reveals that the IT staffs are aware of the existence and usage of the information security policy to the success of the organization. It was also revealed that the lack of adequate management support has affected the use of the policy. The study recommends that the management support in terms of staff training and awareness programs, continuous monitoring, enforcement and periodic review of the policy should be made to ensure the effectiveness of the organization information security policy. © 2005 - 2014 JATIT & LLS. All rights reserved.
