Evaluating The Internal Threats of an Organisation’s Information Security: A Case Study Of Xpress Gas Limited

Evaluating The Internal Threats of an Organisation’s Information Security: A Case Study Of Xpress Gas Limited

Eric Kwesi Parden

Information is of essence in today’s information age with ubiquity. Control systems are pivotal in any organisation with the quest to grow. Taking into account the numerous cases that have occasioned as a result of the poor control measures put in place to check the system. Advancement in information technologies such as the Internet has called for organisations to protect their information to ensure its confidentiality, integrity, and availability. Information security of every organisation is of essence especially an organisation to remain competitive. Organisations know the value information has regarding the reputation of the entity which can lead to loss of client’s confidence, financial loss, goodwill and trust, loss of potential sales and legal issues. The researcher used both the random sampling and purposive sampling techniques to select the study subjects. The purpose of this research is to evaluate the internal threats within an organisation’s information security; the case of Xpress Gas Ltd. The researcher uses purposive sampling technique because only staff members who directly connect to the logistics side of the information system. The researcher adopts this technique in order to acquire the relevant information. The study population are those employees who are directly dealing with the logistics aspects of the Company constituting the sample size of 200. Data collated from respondents is analyse using a Statistical Package for Social Science version 20 and Microsoft Excel is employ in analysing the data and present the data in table form using Microsoft Word. The findings showed that there are internal threats within Xpress Gas Ltd as majority of the respondents 84.5% threats found within Xpress Gas Ltd are more of internal threats related such as human error or failure, deliberate acts of information extortion, deliberate acts of espionage or trespass, deliberate acts of sabotage or vandalism, deliberate acts of theft, and deliberate software attacks.

Msc. Management Information Systems

Ghana Technology University College

May 2017

Dr. Stephen Asunka