Information Security Policies and their Relationship with the Effectiveness of the Management Information Systems of Major Palestinian Universities in the Gaza Strip

Ann S. Abdelwahed, Ahmed Y. Mahmoud, Ramiz A. Bdair

Abstract


This paper aims to recognise Information Security Policies (ISP) and their relationship with the effectiveness of the Management Information Systems (MIS) of the major Palestinian universities in the Gaza Strip. The researchers used the descriptive analytical approach. They used a questionnaire as a research tool. They used a stratified random sample to explore viewpoints of the research sample which comprised 169 employees of The Islamic University – Gaza, Al Azhar University - Gaza, and Al-Quds Open University - Gaza Strip branches. The population comprised IT center employees and administrative departments’ employees who use MIS in their daily work. 152 questionnaires were collected, with a response rate of 89.94%. The study found that the research sample had shown a high degree of agreement on the ISP dimensions (Risk Assessment of Information Security, Senior Management Support, Reviewing and Updating of ISP, Enforcement of ISP, Training and Awareness of ISP). Those dimensions together gained a rate of 74%. The study also found that the research sample had shown a high degree of agreement on the field of the “Effectiveness of MIS”, with a rate of 81%. In addition, it demonstrated a statistically significance relationship level (α ≤ 0.05) between ISP and the effectiveness of the MIS of the major Palestinian universities in the Gaza Strip. It recommends that the universities should support the Information Security Policies from the process of risk assessment and creation of ISP to the process of continuous reviewing and updating of ISP. Furthermore, the universities should measure the effectiveness of their MIS periodically, to enhance this effectiveness and improve it regularly.

Full Text:

PDF

References


Abd Elrahman, A.A. (2001). “Strategic Planning for Management Information Systems and its impact on these Systems – Analytical Study for Banking and Insurance Sectors in Jordan”. Unpublished Master Thesis. Faculty of Postgraduate Studies. The University of Jordan. Jordan.

Abd Elrazzaq, M.S. (2011). “Crisis Management and Information Systems – The Impact and Effectiveness – An Empirical Study on a Number of Tourism Companies listed in Iraqi Stock Exchange”. Journal of Baghdad College of Economic Sciences. 1(28):143-165.

Abdoyan, R.R.I. (2010). “Impact of the Effectiveness of Management Information Systems on the Performance of the Jordanian Commercial Banks”. Unpublished Master Thesis. Middle East University for Graduate Studies. Amman. Jordan.

Abdrabouh, R.M. (2013). Principles of Management Information Systems. 1st ed. Al-Jendaria for Publishing and distribution. Amman. Jordan.

Abo Omar, H.A.M. (2009). “The Effectiveness of Computer Based Management Information Systems and Its Impact in Crisis Management. Empirical Study in The Banking Sector in Palestine”. Unpublished Master Thesis. Faculty of Commerce. Islamic University. Gaza. Palestine.

Al Ahmed, N.M.M. (2002). "Impact of Structural Characteristics on Effectiveness of Management Information Systems – Study on Jordanian Industrial Firms ". Unpublished Master Thesis. Faculty of Economic and Management Sciences. Yarmouk University. Irbid. Jordan.

Al-Awadi, M. & Renaud K. (2008). “Success Factors in Information Security Implementation in Organizations”. Paper presented at the IADIS International Conference e-Society. Lisbon. Portugal.

Al-Danaf, A. (2013). “Assessment of Information Systems Security Management in Technical Colleges in Gaza Strip, and the ways to improve it”. Unpublished Master Thesis. Faculty of Commerce. Islamic University. Gaza. Palestine.

Al-Dirawi, K. (2014). “Strategic Planning for Management Information Systems and its relationship with Information Security in Palestinian Universities in Gaza Strip”. Unpublished Master Thesis. Faculty of Economic and Management Sciences. Al Azhar University. Gaza. Palestine.

Al-Gathbar, K.B. & Al-Sbaih, A.N. (2012). “Status of Information Security in Kingdom of Saudi Arabia”. Information Studies Journal. (14) 189-205.

Al-Hameed, M.D. & Nino, M.I. (2007). Information Systems Protection. 1st ed. Dar El Hamed for publishing and distribution. Amman. Jordan.

Alkshali, S.J. & Al-Qutob, M. (2007). “Effectiveness of Management Information Systems and Their Impact on Crisis Management: Field Study on Jordanian Industrial Companies”. Jordan Journal of Business Administration. 3(1): 24-45.

Al-Maashar, Z. & Al-Khasba, M. (2006). “Impact of Organizational and Technical Factors on Management Information Systems Applications: Empirical Study in the Jordanian Banking Sector”. Jordan Journal of Business Administration. 2(4): 487-509.

Al-Masri, S. (2007). “The Requirements of E-Signature that Used in the Management of Information Technology Centers in Palestinian Universities in Gaza Strip”. Unpublished Master Thesis. Faculty of Commerce. Islamic University. Gaza. Palestine.

Al-Najjar, F.J. (2010). Management Information Systems - Administrative Perspective. Dar El-Hamed for publishing and distribution. Amman. Jordan.

Al-Rashdi, I.F. (2013). “Effectiveness of Management Information Systems and its Impact on Risk Management – Case Study in Al-Rafdeen Bank”. Unpublished Higher Diploma Thesis. Faculty of Management and Commerce. University of Mosul. Iraq.

Al-Saheb, M.H. (2013). “Information Security Policy in Universities – Case Study”. Cybrarians Journal. (33).

Al-Sarhan, S. & Al-Mashhadani, M. (2001). Security of Computers and Information. Dar Wael for publishing. Amman. Jordan.

Al-Shaqran, R.I. & Ashour, M.A. (2010). “Effectiveness of Management Information Systems in Governmental Jordanian Universities and its Role in Improving Organizational Performance and Development Suggestions from the viewpoint of Leaders and Academics”. Arab Journal for Quality Assurance in Higher Education. 3(6):58-88.

Al-Taeii, M.A.A. (2004). Advanced Management Information Systems. 1st ed. Dar Wael for publishing and distribution. Amman. Jordan.

Alttom, R. (2013). “Information Security and Communications Management in Light of Networks Technology - Case Study: Islamic University of Gaza”. Unpublished Master Thesis. Faculty of Commerce. Islamic University. Gaza. Palestine.

Arnason, S.T. & Willett, K.D. (2008). How to Achieve 27001 Certification: An Example of Applied Compliance Management. Auerbach Publications - Taylor & Francis GroupTaylor & Francis Group, LLC. USA.

Barzegar, N., Araghieh A., & Asgarani M. (2013). “The Role of Management Information Systems (MIS) to Increase Productivity in the Workforce”. Journal of Educational and Management Studies. 3(3): 191-194.

Dawood, H. (2004). Information Networks Security. 1st ed. Institute of Public Administration. Research Center. Riyadh. Saudi Arabia.

Doherty, N.F. & Fulford, H. (2006). "Aligning the information security policy with the strategic information systems plan". Computers & Security. 25 (1): 55–63.

Dulany, K.M. (2002). "Security, It’s Not Just Technical". SANS Institute-InfoSec Reading Room. Swansea. UK.

El Telbani, N. (2013). The Relationship Between Intellectual Capital and Innovation In Jawwal Company-Gaza. Jordan Journal of Business Administration. 9(3): 619-650.

Eloff, M. & Ramdeyal, A. (2004). "A General Methodology for The Development of an Effective Information Security Policy". Proceedings of the ISSA 2004 Enabling Tomorrow Conference. Gallagher Estate. Midrand. South Africa.

Hare, C. (2001). "Information Security Policies, Procedures, and Standards: Establishing an Essential Code of Conduct". Auerbach Publications - CRC Press LLC. USA.

Hien, L.T., Nguyen, T.L. & Cuong, P.H. (2014). “Key Determinants of Information Systems Effectiveness - An Empirical Case in LAC HONG University”. International Journal of Information Technology and Business Management. 32(1): 1-14.

Howard, P. (2002). "The Security Policy Life Cycle: Functions and Responsibilities". Auerbach Publications - CRC Press LLC. USA.

Karyda, M., Kiountouzis, E. & Kokolakis, S. (2005). "Information Systems Security Policies: A Contextual Perspective". Computers & Security. 24(3): 246-260.

Kazemi, M., Khajouei, H. & Masrabadi, H. (2012). “Evaluation of Information Security Management System Success Factors: Case study of Municipal Organizations”. African Journal of Business Management. 6(14): 3982 – 4989.

Knapp, K. & Ferrante, C. (2012). "Policy Awareness, Enforcement and Maintenance: Critical to Information Security Effectiveness in Organizations". Journal of Management & Policy Practice. 13(5): 66 – 80.

Knapp, K., Morris, R., Marshall, L. & Byrd, T. (2009). "Information Security Policy: An Organizational-Level Process Model". Computers & Science. 28(7): 493 – 508.

Maynard, S.B., Ruighaver, A.B. & Sandow-Quirk, M.J. (2002). "Redefining the Information System Security Policy". IS One World Conference. Las Vegas. USA.

Mishra, L., Kendhe R., & Bhalerao J. (2015). “Review on Management Information Systems (MIS) and its Role in Decision Making”. International Journal of Scientific and Research Publications. 5(10): 1-5.

Mlangeni, S. & Biermann, E. (2006). “Assessment of Information Security Policies within the Polokwane Region. A case study”. Unpublished Master Thesis. Tashwane University of Technology. South Africa.

Munirat, Y. (2014). "The Impact of Management Information System (MIS) on the Performance of Business Organization in Nigeria". International Journal of Humanities Social Sciences and Education (IJHSSE). 1(2): 76-86.

Norman, G. (2010). "Likert Scales, Levels of Measurement and the “Laws” of Statistics". Adv in Health Sci Educ. 15:625–632 DOI 10.1007/s10459-010-9222-y.

Oz, E. (2009). Management Information Systems. 6th ed. Course Technology - Thomason learning. USA.

Qureshi, M.S. (2011). “Measuring Efficacy of Information Security Policies A Case Study of UAE Based Company”. Unpublished Master Thesis. Department of Computer and Systems Sciences. Stockholm University. Stockholm. Sweden.

Rabeea, O. (2007). Statistical Analysis using SPSS. 2nd ed. Business Faculty. Menoufia University. Egypt.

Sayedpoor, S.M. & Hoveyda, H. (2015). “Management Information Systems Effect on Managers Decision Making – Case Study: University of Tehran”. Journal UMP Social Sciences and Technology Management. 3(2): 493-500.

Sekaran, U. (2000). Research methods for business: A skill building approach. 3rd ed. New York. John Wiley & Sons, Inc.

Selamat, M.H., Suhaimi, M.A. & Hussin, H. (2006). "Integrating Strategic Information Security with Strategic Information Systems Planning (SISP)". National ICT Conference. Malaysia.

Sidhu, H. (2012). "Fundamental Issues for Developing Information Security Policies". International Journal of Advanced Research in Computer Engineering & Technology (IJARCET). 1(10): 99-104.

Sookdawoor, O. (2005). " An Investigation of Information Security Policies and Practices in Mauritius". Unpublished Master thesis. University of South Africa. South Africa.

Thaalab, S. (2011). Management Information Systems. 1st ed. Dar El Feker. Amman. Jordan.

Trivellas, P.G. & Santouridis I. (2013). “The impact of Management Information Systems’ Effectiveness on Task Productivity – The Case of the Greek Banking Sector”. International Journal of Computer Theory and Engineering. 5(1): 170-173.


Refbacks

  • There are currently no refbacks.



E-ISSN: 2008-8310

   ISSN: 2008-8302