Term Paper on "Measuring Awareness"

Term Paper 12 pages (3182 words) Sources: 1+

[EXCERPT] . . . .

Measuring Awareness

Business Information Systems - Measuring Awareness

Measuring Awareness in the Organization

Theoretical Perspectives Measuring Awareness

Awareness Measuring Techniques

Managing Security As Part Of Efficient Awareness

Measuring Awareness Vs. Measuring Knowledge

Business Information Systems and Employee Awareness

Types of Training Necessary

Key Features of Awareness Program

Business Information Systems - Measuring Awareness

As businesses continue to become technologically advanced and operate in global contexts, more and more business information systems are used to streamline business processes and enable efficient communications and transactions between internal and external customers. Surprisingly in many cases business information systems are used inefficiently at best within the organization. Worse, improper use of business information system often results in security risks and threats to the well being of the organization and its employees.

The purpose of this research paper is an analysis of effective techniques for improving employee awareness regarding business information systems particularly with regard to security training. The aim is to evaluate a strategy for implementing a successful awareness program and identify the level of awareness necessary in a business environment. In addition the researcher will attempt to quantify how business information systems benefit organizations, how they are linked to organizational systems and how employee awareness factors into organizational competency and ultimately organizational success.

Background to the Problem

Only in recent years have researchers and organizations paused to consider the relevance employee awareness may have on business information systems (Coe, 2005). Lack of awareness within the organization at all levels may not only inhibit organizational efficiency, but may also compromise organizational security. Organizations are continually faced with increasing threats from hackers, viruses and even disgruntled employees that can circumvent internal security measures (Rasmussen, 2005). The best way for an organization to protect itself from security threats is to address threats directly by education employees and measuring employee awareness of business information systems and vital security measures in place to protect those system (Rasmussen, 2005).

Awareness also results in greater productivity, motivation to perform a job correctly and self-empowerment among employees (Coe, 2005). For these reasons and more organizations are attempting to measure and also quantify awareness of information systems within the organizational system.

Significance of Problem

Studies suggest that only slightly more than half of employees in companies large and small have a complete understanding and awareness not only of the functions of business information systems but also of security risks and procedures inherent with use of such systems (Coe, 2005). User error is to blame for 70% or more of problems business have with information technology (Coe, 2005). For this reason it is vital that organizations develop methods and techniques for not only measuring awareness but also tools for training employees to maximize efficiency and enhance security.

Literature Review

Measuring Awareness In The Organization

Coe (2005) suggests that only 60% of employees remember or are aware of their organizations computer security programs. A recent study released by the National Cyber Security Alliance confirmed this report suggesting that "more than a third of PC users thought they ha a greater chance of winning the lottery than being hit by malicious code" (Coe, 1).

Another survey by Ernst & Young reports that greater than 70% of organizations fail to raise employee awareness of business information systems as many do not see training as a top organizational initiative (Coe, 2005).

Unfortunately more than 72% of businesses are also at increased risk of infection and security attacks (Coe, 2005). Ongoing security training is vital to an organizations health and well-being.

Wood (2002) suggests that organization use online tools include free tools such as PentaSafe Security Technologies online Information Security Awareness Index to benchmark an organization's level of security and address any risks posed by lack of awareness (1). He notes that "human errors are the major cause of security breaches in organizations today" and suggests that organization must work to create stronger policies, define roles and responsibilities more clearly and manage security awareness to help business grow successfully and safely (Wood, 2002).

Some refer to the process of measuring awareness as an information audit (Dobson, 2001). This audit determines where information comes from in an organization, where it goes, how it is used, who manages and shares it and who may process information (Dobson, 2001). An information awareness or audit should be customized to an organization and focus on "awareness, relevance, usability and unmet needs" with respect to business information systems (Dobson, 2001). An organization may also need to assess how information moves within the organization (Dobson, 2001).

To adequately measure awareness an organization must first establish goals for its audit, identify individuals responsible for measuring information knowledge and provide them with background information regarding the organization, and then engage in awareness measuring techniques (Dobson, 2001).

Theoretical Perspectives Measuring Awareness

Currie & Galliers (1999) point out that when considering business information systems within organizations it is important that researchers determine what the theoretical and methodological approach to the examination of the issue at hand be. In order for research to be valid it must be "underpinned by theoretical and methodological approaches" where relevant (Currie & Galliers, 3). Thus one should approach awareness and the desire to measure it from a methodological or theoretical approach.

From a methodological perspective a researcher must first understand the basic social phenomena underlying a given situation. With regard to awareness the organization must first be able to define business information systems before an organization can measure awareness regarding this system (Currie & Galliers, 1999). Researching information systems involves examining political and organizational processes related to maintaining and sharing information and working with technology within the organization (Currie and Galliers, 1999).

From a theoretical perspective Currie & Galliers (1999) suggest that an information system works synergistically within an organization with the organization and information system having a "transformational effect on one another" (p.8). This means that one's compounds may react and impact one another. Information systems within an organizational context must "be studied, understand managed together not separately" (Currie & Galliers, 8). Measuring information technology inherently then also means measuring intellectual technology within the organization (Currie & Galliers, 1999).

There are a number of theoretical perspectives, which explore the relationship between information systems and organizational structure. Earl (1998) summarizes many of the principle positions which include the idea that (1) business information systems are central to organizational control, (2) business information systems decentralize organizational control, (3) organization and business information systems interact unpredictably and (4) within organizations information systems can enable new organizational arrangements including a networked organization (Earl, p. 6). Each of these ideas is influenced in some manner by employee awareness. For example, if business information's systems are central to organizational control then one can conclude that awareness of such systems are central to an organizations efficiency and profitability (Earl, 1998).

If business information systems decentralize the organizations structure, information should more easily be distributed to lower levels of the organization, empowering workers to make their own decisions when adequately aware of the information available through computer systems (Earl, 1998). Business information systems are most likely to react unpredictable when user error is common (Earl, 1998). However, an organization may intervene in this instance by measuring awareness of information systems and business processes to ensure employees are equipped with the tools necessary to succeed.

Awareness Measuring Techniques

There are multiple techniques an organization can use to measure awareness. The first are interviews, which help an organization primarily evaluate "information needs, staff responsiveness and attitudes" toward security and "information services in general" (Dobson, 2001). Interviews help managers track the methods employees use to share information and allow specific questioning that can help define gaps in knowledge (Dobson, 2001).

Focus groups are another method for measuring awareness (Dobson, 2001) that allow participants to interact and generate ideas in a team oriented environment. This technique often enables organizations to evaluate existing information systems, awareness regarding them and potential security breeches or gaps in knowledge among groups of employees (Dobson, 2001).

Surveys are yet another technique that provide quantifiable information regarding information systems organizations can use to benchmark processes (Dobson, 2001). The best surveys are those that incorporate short, simple questions (Dobson, 2001). Questions would be direct, clear and to the point.

Managing Security As Part Of Efficient Awareness

There are many types of business information system security programs organizations can implement. Examples include firewalls and anti-virus software; unfortunately security breaches occur even with these programs in place, often because organizations fail to recognize the human aspect of information security in the workplace (Wood, 2002).

An ideal security awareness program is one that will not only enable corporations to recognize threats but also respond to them in a timely fashion. Rasmussen (2005) suggests that awareness programs should start within senior management support within organizations. Employees should have access to security policies but also sign them to acknowledge their understanding and acceptance of them (Rasmussen, 2005).

Measuring Awareness Vs. Measuring Knowledge

It is vital that organizations understand the difference between measuring knowledge and measuring awareness in… READ MORE

How to Reference "Measuring Awareness" Term Paper in a Bibliography

Related Term Papers:

Teenager's Awareness and Their Lack of Implementing Term Paper

Teenager's Awareness and Their Lack of Implementing Information Security and Online Privacy Concepts

This work contains a research proposal for a behavioral medication intervention for teens ages 12 to 17,… read more

Term Paper 31 pages (8637 words) Sources: 30 Style: APA Topic: Child Development / Youth / Teens

---

Organizations Need an Awareness of Their Environment? Essay

organizations need an awareness of their environment?

In an increasingly globalized and competitive marketplace, organizational leaders must keep track of changes in consumer demand and tastes, what their competitors are… read more

Essay 8 pages (2804 words) Sources: 8 Topic: Leadership / Mentoring

---

Adolescent's Awareness and Their Lack of Implementing Term Paper

ADOLESCENT'S AWARENESS and THEIR LACK of IMPLEMENTING INFORMATION SECURITY and ONLINE PRIVACY REGULATIONS of (82525) 83436

AN ANALYTICAL ASSESSMENT of ADOLESCENT'S AWARENESS and THEIR LACK of IMPLEMENTING INFORMATION SECURITY and… read more

Term Paper 40 pages (11261 words) Sources: 30 Style: APA Topic: Computers / IT / Internet

---

Aviation Accidents & Situational Awareness Dissertation

The increasing traffic has made the task even more reliant on the SA capabilities of the ATC personnel. The job of safety becomes even more complex given the 3D nature… read more

Dissertation 82 pages (24100 words) Sources: 188 Style: Harvard Topic: Physics / Quantum Theory

---

Marketing Mix Analysis of the Relationship Research Paper

Marketing Mix Analysis

Analysis of the Relationship Between the Marketing Mix and Brand Equity in the High Technology Industry

Brand equity is earned over years and for many companies, decades… read more

Research Paper 4 pages (1730 words) Sources: 5 Topic: Advertising / Marketing / Sales

---

View 100+ more related papers  >>