A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance

被引:0
作者
Sommestad, Teodor [1 ]
Hallberg, Jonas [1 ]
机构
[1] Swedish Def Res Agcy, Linkoping, Sweden
来源
SECURITY AND PRIVACY PROTECTION IN INFORMATION PROCESSING SYSTEMS | 2013年 / 405卷
关键词
information security; security policy; security rule; policy compliance; policy violation; computer misuse; theory of planned behavior; REASONED ACTION; DETERRENCE; MODEL;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The behaviour of employees influences information security in virtually all organisations. To inform the employees regarding what constitutes desirable behaviour, an information security policy can be formulated and communicated. However, not all employees comply with the information security policy. This paper reviews and synthesises 16 studies related to the theory of planned behaviour. The objective is to investigate 1) to what extent the theory explains information security policy compliance and violation and 2) whether reasonable explanations can be found when the results of the studies diverge. It can be concluded that the theory explains information security policy compliance and violation approximately as well as it explains other behaviours. Some potential explanations can be found for why the results of the identified studies diverge. However, many of the differences in results are left unexplained.
引用
收藏
页码:257 / 271
页数:15
相关论文
共 50 条
  • [21] The Impact of Challenge Information Security Stress on Information Security Policy Compliance: The Mediating Roles of Emotions
    Chen, Lin
    Xie, Zongxiao
    Zhen, Jie
    Dong, Kunxiang
    PSYCHOLOGY RESEARCH AND BEHAVIOR MANAGEMENT, 2022, 15 : 1177 - 1191
  • [22] A Meta-Analysis of Deterrence Theory in Information Security Policy Compliance Research
    Trang, Simon
    Brendel, Benedikt
    INFORMATION SYSTEMS FRONTIERS, 2019, 21 (06) : 1265 - 1284
  • [23] Understanding Employee Information Security Policy Compliance from Role Theory Perspective
    Nasirpouri Shadbad, Forough
    Biros, David
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2021, 61 (06) : 571 - 580
  • [24] Reducing fraud in organizations through information security policy compliance: An information security controls perspective
    Brown, Dennis
    Batra, Gunjan
    Zafar, Humayun
    Saeed, Khawaja
    COMPUTERS & SECURITY, 2024, 144
  • [25] A model for information security compliant behaviour in the healthcare context
    Box, Debra
    Pottas, Dalenca
    CENTERIS 2014 - CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS / PROJMAN 2014 - INTERNATIONAL CONFERENCE ON PROJECT MANAGEMENT / HCIST 2014 - INTERNATIONAL CONFERENCE ON HEALTH AND SOCIAL CARE INFORMATION SYSTEMS AND TECHNOLOGIES, 2014, 16 : 1462 - 1470
  • [26] Exploring the Influence of Direct and Indirect Factors on Information Security Policy Compliance: A Systematic Literature Review
    Alassaf, Mada
    Alkhalifah, Ali
    IEEE ACCESS, 2021, 9 : 162687 - 162705
  • [27] Information Security Policy Compliance: Leadership and Trust
    Paliszkiewicz, Joanna
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2019, 59 (03) : 211 - 217
  • [28] The role of norms in information security policy compliance
    Wiafe, Isaac
    Koranteng, Felix Nti
    Wiafe, Abigail
    Obeng, Emmanuel Nyarko
    Yaokumah, Winfred
    INFORMATION AND COMPUTER SECURITY, 2020, 28 (05) : 743 - 761
  • [29] Psychological Capital and Information Security Policy Compliance
    Zhao, Jiaqing
    Hong, Yuxiang
    Chen, Wenqing
    Chen, Chouyong
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2024,
  • [30] Employees' information security policy compliance: A norm activation perspective
    Yazdanmehr, Adel
    Wang, Jingguo
    DECISION SUPPORT SYSTEMS, 2016, 92 : 36 - 46
12345