Paper Title
Measuring Information Security Awareness of Client’s Information Security: Case Study at PT XYZ

Abstract
Information Security Awareness (ISA) is a very important thing for corporation, especially for financial institution. One of the elements, can be seen from the behaviour of employees. Behaviour of outsourcing employees has our attention to be determined. They are not directly bounded with corporation rules, so their knowledge, behaviour and attitude have to analyzed regarding to client’s information security. This research has a purpose to measure the level of information security awareness of PT XYZ employees and to provide suggestions for each focus area that are still below “Good” level. Based on HAIS-Q framework, the output of this study is the mapping of seven focus areas of information security policy and three sub-areas of awareness. The final score of PT XYZ is 81,80 which is classified as Good, however based on the result it still needs more attention at three focus areas, which are Email, Internet, and Social Media use. Therefore, PT XYZ is supposed to enhance their employee’s ISA. Keywords - Information Security Awareness, Information Security Awareness Measurement, HAIS-Q