¶ … Security Program
Increasing Employee Participation in an Information Security Program
Often organizations will rely on change management strategies and initiatives to gain the cooperation and support of employees for information security programs. A change management program is by definition designed to provide employees with the background of why their information security program needs to be in place, what benefits it delivers, and how critical their support, participation and contributions are (Straub, Welke, 1998). The intent of this analysis is to provide insights into how employee participation can be increased in an information security program.
Best Practices: Increasing Employee Participation
Of the most critical strategies for improving or increasing employee participation in an information security program, the most critical is the leaders of a given organization actively endorsing and showing through their actions that they believe in and support it (Madnick, 1978). This is the single biggest success factor in the adoption of an information security program and also one of the most effective leadership skills in an organization. This not only drives up user security, it also creates a highly effective strategy for making an organization more resilient to change over time (D'Arcy, Hovav, Galletta, 2009). The more committed and involved the CEO and senior management team are in the planning, execution and monitoring of the information security program, the greater the trust in the program itself and adoption over the long-term. It is an indispensable element of any change management strategy or initiative.
A second factor in the successful implementation of a successful information security program is the inclusion of employees in the planning and early implementation phases so they have a strong sense of ownership. Creating a shared bond of trust and allowing the employees to have a voice in the specifics of the security management strategies, including how they affect their jobs, is also vital to the success of the program as well (D'Arcy, Hovav, Galletta, 2009). The greater the employee ownership and vested interest in a program's success, the greater the probability of its success. This emanates from a leader's choosing to endorse and actively support an information security program and show consistency of effort and focus to attain tis objectives (Madnick, 1978).
You’re 71% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.