GUIDELINES FOR DEVELOPING INFORMATION SECURITY TRAINING AND AWARENESS PROGRAMS IN GOVERNMENT AGENCY: THE PERSPECTIVE OF ADDIE INSTRUCTIONAL DESIGN MODELS (A CASE STUDY IN INDONESIAN GOVERNMENT AGENCY)

Authors

  • Kholif Faiz Ma’ruf Training Center for National Cyber and Crypto Agency, Depok, Indonesia
  • Muhammad Machbub Rochman Training Center for National Cyber and Crypto Agency, Depok, Indonesia

DOI:

https://doi.org/10.20319/pijss.2019.52.863877

Keywords:

Training Program, Information Security Awareness, ADDIE, Security Awareness Program

Abstract

Ideally, every government agency must be able to develop training programs and information security awareness in its own environment. But the fact is in Indonesia, not all of government agencies have implemented training programs and information security awareness. Thirteen percent of the respondents surveyed said they already had the program but were not structured and had no guidance, so the program was not well organized. This study provides a structured guide to building an effective information security training and awareness program, based on the ADDIE instructional design model approach (analyze, design, develop, implement, and evaluate). The results of the study state that the ADDIE instructional design model can be used to construct training programs and information security awareness in government agencies in a structured manner and can guarantee that training, awareness, education and professional development are not stagnant and can always be relevant in answering information security issues that occur in organizations.

References

Boulton, Clint. (2017). Humans are (still) the weakest cybersecurity link. Framingham. CIO magazine. https://www.cio.com/article/3191088/security/humans-are-still-the-weakest-cybersecurity-link.html

Brodie, Cindy. (2009). The Importance of Security Awareness Training. SANS Institute Reading Room site. United States.

K. Sari, Bintari. “Desain Pembelajaran Model ADDIE dan Implementasinya Dengan Teknik JIGSAW”. Prosiding Seminar Nasional Pendidikan. Sidoarjo.

National Institute of Standards and Technology (NIST). (2003). Building an Information Technology Security Awareness and Training Program. Gaithersburg: NIST.

National Institute of Standards and Technology (NIST). (2006). Information Security Handbook: A Guide for Managers. Gaithersburg: NIST.

National Institute of Standards and Technology (NIST). (2008). Performance Measurement Guide for Information Security. Gaithersburg: NIST.

National Institute of Standards and Technology (NIST). (2014). A Role-Based Model for Federal Information Technology/Cybersecurity Training. Gaithersburg: NIST.

PCI (2014). Best Practices for Implementing a Security Awareness Program. Security Standards Council. United States.

Prasasti, Trini dan Tarigan, Asmara I. (2014). Implementing The Addie Model for UT’s Tutor Training Program Development. Prosiding Teaching and Learning in the 21st Century.

Suprijandoko, R. Firman. (2017). Transformasi Lemsaneg menjadi BSSN: Proyeksi model scenario dalam membangun perilaku awareness pada Pemerintah Daerah melalui Program Security Awareness. Jakarta. Jurnal Widyaiswara.

Downloads

Published

2019-10-04

How to Cite

Ma’ruf, K. F., & Rochman, M. M. (2019). GUIDELINES FOR DEVELOPING INFORMATION SECURITY TRAINING AND AWARENESS PROGRAMS IN GOVERNMENT AGENCY: THE PERSPECTIVE OF ADDIE INSTRUCTIONAL DESIGN MODELS (A CASE STUDY IN INDONESIAN GOVERNMENT AGENCY). PEOPLE: International Journal of Social Sciences, 5(2), 863–877. https://doi.org/10.20319/pijss.2019.52.863877

Issue

Vol. 5 No. 2 (2019): Regular Issue

Section

Articles

License

Copyright (c) 2019 Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.