Framework to Manage Information Security for Malaysian Academic Environment

Among the ICT challenges of most organizations including those from the academic sector is securing their information. Apart from technological aspect, Higher Education Institutions (HEIs) also must implement and enforce proper policies, procedures, and standards in compliance with laws and regulations to safeguard and secure its assets. In this study, four renowned Malaysian HEIs were the choosen in answering the research questions. Two modes of data collection were adopted in this study; interview and survey. Five major constructs of information security framework (ISF) unique to HEIs were identified during preliminary investigation. The result provides valuable information on ISF practices in establishing the components of the ISF. A proposed ISF specific for HEIs was designed. Then a survey was conducted to investigate IT personnel perceptions on the existing information security policy practices at the various HEIs. The result of the study contributes to the understanding of the status and HEIs practices of information security in Malaysian academic setting.