GUIDELINES FOR DEVELOPING INFORMATION SECURITY TRAINING AND AWARENESS PROGRAMS IN GOVERNMENT AGENCY: THE PERSPECTIVE OF ADDIE INSTRUCTIONAL DESIGN MODELS (A CASE STUDY IN INDONESIAN GOVERNMENT AGENCY)
DOI:
https://doi.org/10.20319/pijss.2019.52.863877Keywords:
Training Program, Information Security Awareness, ADDIE, Security Awareness ProgramAbstract
Ideally, every government agency must be able to develop training programs and information security awareness in its own environment. But the fact is in Indonesia, not all of government agencies have implemented training programs and information security awareness. Thirteen percent of the respondents surveyed said they already had the program but were not structured and had no guidance, so the program was not well organized. This study provides a structured guide to building an effective information security training and awareness program, based on the ADDIE instructional design model approach (analyze, design, develop, implement, and evaluate). The results of the study state that the ADDIE instructional design model can be used to construct training programs and information security awareness in government agencies in a structured manner and can guarantee that training, awareness, education and professional development are not stagnant and can always be relevant in answering information security issues that occur in organizations.
References
Boulton, Clint. (2017). Humans are (still) the weakest cybersecurity link. Framingham. CIO magazine. https://www.cio.com/article/3191088/security/humans-are-still-the-weakest-cybersecurity-link.html
Brodie, Cindy. (2009). The Importance of Security Awareness Training. SANS Institute Reading Room site. United States.
K. Sari, Bintari. “Desain Pembelajaran Model ADDIE dan Implementasinya Dengan Teknik JIGSAW”. Prosiding Seminar Nasional Pendidikan. Sidoarjo.
National Institute of Standards and Technology (NIST). (2003). Building an Information Technology Security Awareness and Training Program. Gaithersburg: NIST.
National Institute of Standards and Technology (NIST). (2006). Information Security Handbook: A Guide for Managers. Gaithersburg: NIST.
National Institute of Standards and Technology (NIST). (2008). Performance Measurement Guide for Information Security. Gaithersburg: NIST.
National Institute of Standards and Technology (NIST). (2014). A Role-Based Model for Federal Information Technology/Cybersecurity Training. Gaithersburg: NIST.
PCI (2014). Best Practices for Implementing a Security Awareness Program. Security Standards Council. United States.
Prasasti, Trini dan Tarigan, Asmara I. (2014). Implementing The Addie Model for UT’s Tutor Training Program Development. Prosiding Teaching and Learning in the 21st Century.
Suprijandoko, R. Firman. (2017). Transformasi Lemsaneg menjadi BSSN: Proyeksi model scenario dalam membangun perilaku awareness pada Pemerintah Daerah melalui Program Security Awareness. Jakarta. Jurnal Widyaiswara.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2019 Authors
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.