Issues and opinion on structural equation modeling
MIS Quarterly
Why there aren't more information security research studies
Information and Management
An integrative model of computer abuse based on social control and general deterrence theories
Information and Management
Investigating factors affecting the adoption of anti-spyware systems
Communications of the ACM - Spyware
Investigation of IS professionals' intention to practise secure development of applications
International Journal of Human-Computer Studies
Employees' Behavior towards IS Security Policy Compliance
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Computers in Human Behavior
Studying users' computer security behavior: A health belief perspective
Decision Support Systems
Understanding compliance with internet use policy from the perspective of rational choice theory
Decision Support Systems
Does deterrence work in reducing information security policy abuse by employees?
Communications of the ACM
Information and Management
Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model
Journal of Management Information Systems
Motivating IS security compliance: Insights from Habit and Protection Motivation Theory
Information and Management
Information security tools and practices: what works?
IEEE Transactions on Computers
Hi-index | 0.00 |
This study investigated employees' information systems security policy (ISSP) compliance behavioural intentions in organisations from the theoretical lenses of social bonding, social influence, and cognitive processing. Given that previous research on ISSP compliance has been based on deterrence theory, this study seeks to augment and diversify research on ISSP compliance through its theoretical perspective. Relevant hypotheses were developed to test the research conceptualisation. Data from a survey of business managers and IS professionals confirmed that social bonds that are formed at work largely influence attitudes towards compliance and subjective norms, with both constructs positively affecting employees' ISSP compliance. Employees' locus of control and capabilities and competence related to IS security issues also affect ISSP compliance behavioural intentions. Overall, the constructs in the research model enhance our understanding of the social-organisational and psychological factors that might encourage or accentuate employees' ISSP compliance in the workplace.