Abstract:

As part of the extensive issue of information security, the article presents a selected company constituting a case study. In this regard, the results of surveys concerning the assessment of employee awareness in the context of the role and significance of information security in an organization are presented. Moreover, an analysis and risk assessment of existing ICT threats was carried out using recommended computer software. Then, conclusions were presented concerning the current level of information security and ICT security systems in the surveyed company in relation to the current knowledge and approach of employees to these issues. This article does not exhaust the studied issues, and therefore the research concerning assessing the level of information security should be re-examined after introducing improvement measures and corrective mechanisms in the company. Control results would allow to better identify the source of threats to information security, including ICT security, and then streamline processes in the company.