Administratiivtöötajate digiturvalisuse pädevuse hindamine

Administrative personnel are more and more inclined towards digital work and thus are expected to have a higher proficiency level also in the field of digital security. For this particular reason, the purpose of this final thesis was to develop a suitable questionnaire for self-evaluation of administrative personnel and test the respondent’s self-evaluation with situational tasks in order to identify, whether theory is being put into practice. The author based the study on European Commission Digital Competency Framework from 2013 (DigCOMP), which defines five categories for digital competencies. These include digital literacy, communication and cooperation, creation of digital content, digital security and troubleshooting. In this final thesis, the author deliberately used only knowledge, skills and attitudes of the digital security competency, although all the other digital competencies also contribute to the security field as well. The author uses digital security competency term as follows: actions of a person in cyberspace and while using information- and communication technology devices in a way, that does not create harm to the person, the environment, the person’s private life and also the organisational security. The studies conducted in the digital security field have been contributing to student and teacher competencies. In order to apply the aspects of research to administrative personnel, the author asked workers in the field to reply to an electronic questionnaire. The sample size was small (n=45) and thus the results of this research paper are not applicable to the whole population of Estonian administrative workers (n=22000), but questions regarding the suitability of the self-evaluation questionnaire could be answered and tested with situational tasks. The key results of this final thesis are, that in order to develop digital security competencies, there is relevance in the time lapsed between the last training and answering the questionnaire. This puts an emphasis on how organizations should systematically deal with training their own personnel in the ways of digital security. The testing with situational tasks also revealed, that there is possibility for self-evaluated overcompensation in tasks, which require seeking for help from other parties due to the perceived independence and self-control. Due to the fact, that in 2022 a new version of DigCOMP 2.2 model was created, this study should be repeated on a bigger sample and emphasis put on the creation of system specific situational tasks.

Eesti on tuntud oma riiklike digilahendustega, mis hõlbustavad elanike ja riigi vahelist suhtlust. Ka tööjõu- ja oskuste vajaduse prognoosisüsteemi (OSKA) 2018. aastal läbiviidud uuringu „Tulevikuvaade tööjõu- ja oskuste vajadusele: personali- ja administratiivtöö ning ärinõustamine” väljavõte olulisematest tulemustest juhib tähelepanu, et kõigil uuringus olnud kutsealadel on kasvav vajadus üldiste teadmiste järgi küberturvalisusest. Ühtseid mõõdikuid piisava digipädevuse praktiliseks hindamiseks on aga vaid üksikutes valdkondades (nt kaitseministeeriumi valitsemisalas või õpetajate enesehindamisel). Intensiivselt info- ja kommunikatsioonitehnoloogia (IKT) vahenditega tööalaselt kokkupuutuvatel administratiivtöötajatel selline hindamisvahend puudub. Lõputöö eesmärk on sõnastada DigComp mudeli abil administratiivtöötajatele sobivad väited enesehindamisküsimustiku jaoks digiturvalisuse pädevuse valdkonnas ja testida enesehinnanguid situatsioonülesannetega. Autori hinnangul on administratiivtöö järjest enam liikumas digiruumi ja üha rohkem nõutakse administratiivtöötajatelt digiturvalisuse valdkonnas heade pädevuste omamist.