Computer Science homework help. Special Instructions
To answer the questions effectively, please follow the below instructions:
• Each team might contain three students. Each student must conduct an interview with cybersecurity employee in the chosen company as individual, which mean each group should have three filled questionnaires.
• Use your analysis skills to analyze all data collected by your team.
• It is possible to measure the significance of collected data by countering the frequency of each item (i.e. if the item frequent three times, this mean it is very significant)
• You should answer the questions in this research activity as group.
______________________________________________________________________
Questionnaire
Section 1.0: Introduction
In this era, the revolution of information technology is changing several aspects of enterprises’ practices. One of these changes is many enterprises make their systems available online. This most likely is encouraging cyber criminals to hack these systems. One of the approaches that help to mitigate cybersecurity risks is adopting of Information Security Policy (ISP). However, it is not known to what extent the enterprises in Saudi Arabia are adopting Information Security Policy in general, and in small and medium enterprises’ (SMEs) in particular. This research project aims to discover the success factors for the adoption of Information Security Policy in Saudi SMEs.
Section 2.0: Profile of Responding Manager or Owner
Please indicate
1. Your job role: Owner
Chief Executiveofficer (CEO)
Manager
Other (Please specify):
2. Your gender: Male
Female
3. How many years have you been working for the organization?
< 1 year
1 – 5 years
6 – 10 years Over 10 years
Section 3.0: Profile of Responding Enterprise
1. Please indicate the sector of business area of your organization
Food & Drink
Entertainment/Culture
Retail/wholesale
Restaurants
Cleaning
Commercial & Creative Arts
Financial Broker Services
Information Technology
Furnishings/Home Products
Real Estate Services
Telecommunication
Automotive
Health & Caring Services
Education/Training
Clothing, Fashion & Beauty
Professional Services
Retail/wholesale
Other: (Please specify)
Entertainment/Culture
Employment Agency
2. Please indicate your organization’s approximate revenue
<SAR3 million
SAR3 million – $40 million
SAR40 million – SAR200 million
3. Number of employees
0 – 5
6 – 49
50 – 249
Section 4.0: Information Security Policy (ISP)
1. Please indicate when did your enterprise adopt ISP
2. Please indicate how your enterprise developed the ISP
By internal team
By third party By hiring a consultant
Other:(Please indicate ……………………………………………………………….……………..)
3. Please indicate which framework was used to develop your ISP
ISO 27002:2013
NIST 800-53
COBIT PCI-DSS
National Cybersecurity Authority(NCA-KSA)
Other:
4. How often do your enterprise review the ISP?
Every three months
Every six months Every year
Other:(Please indicate ……………………………………………………………….……………..)
5. Who Authorizes Information Security Policy at your organization?
Board of directors
Information Security leader
Information security committee
Other: (Please indicate …………………………………………………………..…………………..)
6. Please indicate your enterprise adoption level based on the Capability Maturity Model Scale
Level State Description
0 Non-Existent The organization is unaware of need for policies and processes
1 Ad-hoc There are no documented policies or processes; there is sporadic activity.
2 Repeatable Policies and processes are not fully documented; however, the activities occur on a regular basis.
3 Defined Process Policies and processes are documented and standardized; there is an active commitment to implementation
4 Managed Policies and processes are well defined, implemented, measured, and tested.
5 Optimized Policies and process are well understood and have been fully integrated into the organizational culture.
Section 5.0: Success Factors of ISP Adoption in Saudi SMEs
1 2 3 4 5
Strongly Agee Agree Neutral Disagree Strongly disagree
Please use the following scale to rate your answer:
Technological (T) Factors
1. Availability of technical Expertise
• Availability of cybersecurity consultant facilities the adoption of ISP in our enterprise 1 2 3 4 5
• Availability of IT staff trained in cybersecurity facilities the adoption of ISP in our enterprise 1 2 3 4 5
2. Complexity
• Perceived low level of complexity in cybersecurity systems facilities the adoption of ISP in our enterprise 1 2 3 4 5
• Ease of using cybersecurity systems facilities the adoption of ISP in our enterprise 1 2 3 4 5
3. Cybersecurity systems Cost
• Low cost of cybersecurity systems facilities the adoption of ISP in our enterprise 1 2 3 4 5
• Availability of cybersecurity systems vendors help to reduce the cost which in turn facilities the adoption of ISP in our enterprise 1 2 3 4 5
Organizational (O) Factors
1. Security Concerns
• The powerful of cybersecurity systems facilities the adoption of ISP in our enterprise 1 2 3 4 5
• Perceived cybersecurity risks encourage our enterprise to adopt ISP 1 2 3 4 5
• Presence of trust in enterprise’s cybersecurity systems help to adopt ISP 1 2 3 4 5
2. Training
• Availability of periodical cybersecurity training help to adopt ISP 1 2 3 4 5
• Encourage our employees to get professional certificates in cybersecurity that facilitates the adoption of ISP 1 2 3 4 5
• Conducting cybersecurity training courses for non-IT employee that facilitates the adoption of ISP 1 2 3 4 5
3. Top management support
• Top management committed to support cybersecurity adoption in our company (enterprise) 1 2 3 4 5
• Top management in our company(enterprise) is fully aware about the importance of cybersecurity advantages which in turn facilitatesthe adoption of ISP 1 2 3 4 5
• Availability of technical background for the top management in our company help the adoption of ISP 1 2 3 4 5
• The willingness of top management to develop our companyhelp the adoption of ISP 1 2 3 4 5
4. Organizational Awareness
• The high level of cybersecurity awareness of our employeeshelpsto adopt ISP easily 1 2 3 4 5
5. Organizational Culture
• Emphasis growth through developing new ideasthat facilitates the adoption of ISP 1 2 3 4 5
• Employee’s loyalty for our company(enterprise)that facilitates the adoption of ISP 1 2 3 4 5
• Willingness of our company (enterprise)to achieve its goalsthat facilitates the adoption of ISP 1 2 3 4 5
Environmental (E) Factors
1. Cybersecurity Law
• The presence of cybersecurity law in Saudi Arabiafacilitatesthe adoption of ISP 1 2 3 4 5
• Our company(enterprise) awareness about the cybersecurity lawfacilitates the adoption of ISP
1 2 3 4 5
2. External Pressure
• Competitors’ pressure encourages our company to adopt ISP 1 2 3 4 5
• Customers’ pressure encourages our company to adopt ISP 1 2 3 4 5
• Suppliers’ pressure encourages our company to adopt ISP 1 2 3 4 5
• Government’s pressure encourages our company to adopt ISP 1 2 3 4 5
Other: Please indicate ….
Question One
Write down in more details, how did each member of your team select the participating company?
Question Two
Based on your analysis for section 2, 3, and 4 of all questionnaires that were collected by your team, what are the significant items? Support your answer by providing an example from your collected data.
Question Three
Identify the significant factors in section 5 of the questionnaires collected by your team? Discuss the findings from your point of view?
Email Us: support@academicessayhelper.com. Contact Us:
Solution:
15% off for this assignment.
Our Prices Start at $11.99. As Our First Client, Use Coupon Code GET15 to claim 15% Discount This Month!!
Why US?
100% Confidentiality
Information about customers is confidential and never disclosed to third parties.
Timely Delivery
No missed deadlines – 97% of assignments are completed in time.
Original Writing
We complete all papers from scratch. You can get a plagiarism report.
Money Back
If you are convinced that our writer has not followed your requirements, feel free to ask for a refund.