Information Security Policy Compliance: Systematic Literature Review

被引：12

作者：

Angraini ^{[1
,4
]}

Alias, Rose Alinda ^{[2
]}

Okfalisa ^{[3
]}

机构：

[1] Univ Teknol Malaysia, Fac Engn, Sch Comp, Johor Baharu 81310, Malaysia

[2] Univ Teknol Malaysia, Azman Hash Int Business Sch, Dept Informat Syst, Johor Baharu 81310, Malaysia

[3] Univ Islam Negeri Sultan Syarif Kasim, Fac Sci & Technol, Dept Informat Engn, Pekanbaru, Riau, Indonesia

[4] Univ Islam Negeri Sultan Syarif Kasim, Fac Sci & Technol, Dept Informat Syst, Pekanbaru, Riau, Indonesia

来源：

FIFTH INFORMATION SYSTEMS INTERNATIONAL CONFERENCE | 2019年 / 161卷

关键词：

Information security policy; Compliance; Literature review; Evaluation; MODEL; NONCOMPLIANCE;

D O I：

10.1016/j.procs.2019.11.235

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The growth of research in information technology security has enlarged in recent years. Investigations in Information security besides discussing technical problems but also consider policies, behavior and user compliance issues. Therefore, a systematic review is needed to inform the development of research in compliance with information security policies. This literature review aims to find the challenges and explore the current state-of-the art of information security policy compliance. We identified 305 research papers published on topics of information security policy compliance between 2014 and 2019 and extract 53 documents from discussing with inclusion and exclusion criteria. This literature review found there is a lack of study about an evaluation of information security policy compliance using specific metric and need to enhance the model of information security policy compliance with organizational theories. (C) 2019 The Authors. Published by Elsevier B.V.

引用

页码：1216 / 1224

页数：9

共 70 条

[1]

Abed J., 2016, 22 AM C INF SYST SAN, P1

[2] THE THEORY OF PLANNED BEHAVIOR [J].

AJZEN, I .

ORGANIZATIONAL BEHAVIOR AND HUMAN DECISION PROCESSES, 1991, 50 (02) :179-211

[3] Fear of Cybercrime and the Compliance with Information Security Policies: A Theoretical Study [J].

Alalwan, Jaffar Ahmad .

2018 9TH INTERNATIONAL CONFERENCE ON E-EDUCATION, E-BUSINESS, E-MANAGEMENT AND E-LEARNING (IC4E 2018), 2018, :85-87

[4]

Alkhurayyif Y, 2017, 2017 SEVENTH INTERNATIONAL CONFERENCE ON EMERGING SECURITY TECHNOLOGIES (EST), P113, DOI 10.1109/EST.2017.8090409

[5]

Alotaibi M, 2016, INT CONF INTERNET, P352, DOI 10.1109/ICITST.2016.7856729

[6] Information security policy compliance: a higher education case study [J].

Alshare, Khaled A. ;

Lane, Peggy L. ;

Lane, Michael R. .

INFORMATION AND COMPUTER SECURITY, 2018, 26 (01) :91-108

[7]

Alzahrani A, 2018, 2018 4TH INTERNATIONAL CONFERENCE ON INFORMATION MANAGEMENT (ICIM2018), P125, DOI 10.1109/INFOMAN.2018.8392822

[8] Establishing information security policy compliance culture in organizations [J].

Amankwa, Eric ;

Loock, Marianne ;

Kritzinger, Elmarie .

INFORMATION AND COMPUTER SECURITY, 2018, 26 (04) :420-436

[9]

[Anonymous], 2016, P AMCIS SURF IT INN

[10]

[Anonymous], 2014, NAT GARD ASS SPEC RE

← 1 2 3 4 5 6 7 →