Enemy at the gate: threats to information security
Communications of the ACM - Program compaction
International Journal of Human-Computer Studies - Special issue on HCI and MIS
Network Security First-Step
Employees' Behavior towards IS Security Policy Compliance
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Computers in Human Behavior
Gaining Access with Social Engineering: An Empirical Study of the Threat
Information Systems Security
Studying users' computer security behavior: A health belief perspective
Decision Support Systems
Information Systems Research
Corporate Computer and Network Security
Corporate Computer and Network Security
Security Policy Compliance: User Acceptance Perspective
HICSS '12 Proceedings of the 2012 45th Hawaii International Conference on System Sciences
Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model
Journal of Management Information Systems
Hi-index | 0.00 |
To combat potential security threats, organizations rely upon information security policies to guide employee actions. Unfortunately, employee violations of such policies are common and costly enough that users are often considered the weakest link in information security. This paper presents a composite theoretical framework for understanding employee behavioral compliance with organizational information security policies. Building off of the theory of planned behavior, a composite model is presented that incorporates the strengths of previous studies while minimizing theoretical gaps present in other behavioral compliance models. In building the framework, related operational constructs are examined and normalized to allow better comparison of past studies and help focus future research efforts.