Measuring Information Security Awareness of Client’s Information Security: Case Study at PT XYZ
Information Security Awareness (ISA) is a very important thing for corporation, especially for financial
institution. One of the elements, can be seen from the behaviour of employees. Behaviour of outsourcing employees has our
attention to be determined. They are not directly bounded with corporation rules, so their knowledge, behaviour and attitude
have to analyzed regarding to client’s information security. This research has a purpose to measure the level of information
security awareness of PT XYZ employees and to provide suggestions for each focus area that are still below “Good” level.
Based on HAIS-Q framework, the output of this study is the mapping of seven focus areas of information security policy and
three sub-areas of awareness. The final score of PT XYZ is 81,80 which is classified as Good, however based on the result it
still needs more attention at three focus areas, which are Email, Internet, and Social Media use. Therefore, PT XYZ is
supposed to enhance their employee’s ISA.
Keywords - Information Security Awareness, Information Security Awareness Measurement, HAIS-Q