Autonomy Motivators, Serious Games, and Intention Toward ISP Compliance

The growing number of security breaches has become a major concern in organisations. Most often, such security breaches are related to internal employees due to their indirect or direct actions leading to information security policy (ISP) violations. Therefore, understanding employees' security behaviour and intrinsic motivation towards ISP compliance with respect to autonomy is critical. This study aims to find out whether the autonomy intrinsic motivator can be influenced by the Decisions and Disruptions (D-D) table-top game to enhance security awareness and, in turn, reinforce behavioural intention towards ISP compliance. We developed pre- and post-assessment tests on intrinsic motivation to find out whether there is a significant improvement in test scores after participants experience D-D gameplay. Thirty postgraduate students participated in the study. Overall results confirmed that the autonomy intrinsic motivator is positively influenced by the game and has a positive effect on the behavioural intention to comply with ISPs.