@inproceedings{scholars6463, journal = {2016 3rd International Conference on Computer and Information Sciences, ICCOINS 2016 - Proceedings}, publisher = {Institute of Electrical and Electronics Engineers Inc.}, title = {Information security policies: Investigation of compliance in universities}, pages = {564--569}, note = {cited By 20; Conference of 3rd International Conference on Computer and Information Sciences, ICCOINS 2016 ; Conference Date: 15 August 2016 Through 17 August 2016; Conference Code:125433}, year = {2016}, doi = {10.1109/ICCOINS.2016.7783277}, url = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85010443395&doi=10.1109\%2fICCOINS.2016.7783277&partnerID=40&md5=29d04bbf28e6cfb59a88fdfb47239373}, keywords = {Education; Information science; Security systems; Societies and institutions, Information security awareness; Information security incidents; Information security policies; Institutional governance; Institutional policies; Quantitative study; Security issues; Security policy, Security of data}, abstract = {Information security awareness (ISA) is signified as a state of consciousness and acquaintance about the potential security issues/breaches and is found to have an association with security policies compliance in organizations. Many information security incidents occur due to the negligence and unintentional behavior of internal employees resulting in a serious internal threat to the safety of organizational assets. The compliance with security rules and regulations significantly depends upon the realization of threat and skills to cope with the situations. Universities in Malaysia are operating in either public or private domain; comprise of International and National students and employees. These universities accommodate ample amount of confidential personal and educational information of international and national students, faculty and staff. This paper intends to identify the provision of policies and acquaintance of universities employees on information security policies (ISP) defined by their institution. A quantitative study has been conducted in public and private universities of Malaysia to identify employees' perceptions towards their acquaintance of ISPs. Results indicate that end users of information security policies understand the importance of awareness and compliance with institutional policies. {\^A}{\copyright} 2016 IEEE.}, author = {Hina, S. and Dominic, D. D.}, isbn = {9781509051342} }