Information, knowledge, and informa

Information, knowledge, and information security are indispensable in an organisation to ensure the
effectiveness of an organisation. An organisation needs people who have adequate information and
knowledge to run a business. Lack of knowledge especially in information security may jeopardise the
organisation such as the increase of internal security incidents. Human factors will also influence the
effectiveness of an organisation. Therefore, adopting the right behaviour in daily work routines may
increase the effectiveness of the organisation. There is a need to educate everybody in the organisation
regarding information security and security awareness, training, and education programme in cultivating
good behaviours in the organisation. The relationship between human factors, information security,
knowledge, and knowledge management can be encompassed by the term ‘information security
knowledge’. This paper has developed a clear definition of information security knowledge so that it can be
used to guide employees in implementing information security practices within the organisation. Applying
information security knowledge in the organisation may help decrease the internal security incidents that
are posed by humans hence will lead to the organisational information security effectiveness.
Keywords: Human Factor; Knowledge; Information Security; Information Security Effectiveness;
Information Security Knowledge; Knowledge Management