Improving Communication of Information Security Policies at a Government Security Organization
Lee, Kirsi (2022)
2022
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2022051910362
https://urn.fi/URN:NBN:fi:amk-2022051910362
Tiivistelmä
This diary thesis describes the tasks of an information security coordinator at a government security organization. The writer was recently assigned to work in this new role in Spring 2022. The aim of this bachelor’s thesis was to increase the understanding of the information security coordinator’s role and to improve the communication of information security policies in the organization.
Daily reporting and a weekly analysis were written during a ten-week reporting phase. Daily reporting describes daily tasks. The goal of the weekly analysis was to analyze the professional development and the themes which arose based on the theoretical background.
As a result of the thesis project work, communication about information security policies in the organization was improved by developing related information packages, instructions, announcements and tailored online training. The material was uploaded to the intranet information security website, which was updated and reorganized by the writer.
The writer’s professional competence developed in several areas, including learning methods to increase information security awareness. The employer is going to utilize the material and the writer’s ideas in information security awareness training.
Daily reporting and a weekly analysis were written during a ten-week reporting phase. Daily reporting describes daily tasks. The goal of the weekly analysis was to analyze the professional development and the themes which arose based on the theoretical background.
As a result of the thesis project work, communication about information security policies in the organization was improved by developing related information packages, instructions, announcements and tailored online training. The material was uploaded to the intranet information security website, which was updated and reorganized by the writer.
The writer’s professional competence developed in several areas, including learning methods to increase information security awareness. The employer is going to utilize the material and the writer’s ideas in information security awareness training.