Encouraging Employees on Compliant Behaviours about Information Security Measures in Workplaces

The development of technology and computer use has become a critical issue with increasing national and international laws, standards and information security in the present day. Attacks on information systems, destruction of information, the possession of third parties are an indication of the size of the risks. This study is based on answers from department managers who operate in different areas of Istanbul but work on information security. It is the main objective to measure the degree of awareness of users about information security. The work was carried out through the managers and managers of the units, which are mostly operational areas. All of the employees have undergraduate and higher education levels and their average age is 41. The participants were evaluated by asking questions about the employees' knowledge of information security, how they are aware of the importance of the issue, the applications performed, how the control and follow-up are performed and what applications can be developed. Information security is a critical issue for all employees, especially managers. Therefore, information security policies should be developed in institutions, these policies should be shared with all employees and information security awareness trainings should be given to the users.

Anahtar Kelimeler: Information security, compliance, cyberscurity, confidentiality, integrity

The development of technology and computer use has become a critical issue with increasing national and international laws, standards and information security in the present day. Attacks on information systems, destruction of information, the possession of third parties are an indication of the size of the risks. This study is based on answers from department managers who operate in different areas of Istanbul but work on information security. It is the main objective to measure the degree of awareness of users about information security. The work was carried out through the managers and managers of the units, which are mostly operational areas. All of the employees have undergraduate and higher education levels and their average age is 41. The participants were evaluated by asking questions about the employees' knowledge of information security, how they are aware of the importance of the issue, the applications performed, how the control and follow-up are performed and what applications can be developed. Information security is a critical issue for all employees, especially managers. Therefore, information security policies should be developed in institutions, these policies should be shared with all employees and information security awareness trainings should be given to the users.

Keywords: Information security, compliance, cyberscurity, confidentiality, integrity