Predictors of Success in Information Security Policy Compliance

被引:5
作者
Nord, Jeretta [1 ]
Sargent, Carol Springer [2 ]
Koohang, Alex [2 ]
Marotta, Angelica [3 ]
机构
[1] Oklahoma State Univ, Stillwater, OK 74078 USA
[2] Middle Georgia State Univ, Macon, GA 31206 USA
[3] MIT, Sloan Sch Management, Cambridge, MA 02139 USA
来源
JOURNAL OF COMPUTER INFORMATION SYSTEMS | 2022年 / 62卷 / 04期
关键词
Information security policy; compliance; leadership; supportive organizational culture; engagement; role values; BEHAVIOR; VIOLATIONS; MANAGEMENT; NEUTRALIZATION; LEADERSHIP; AWARENESS; BELIEFS; CULTURE; MODEL;
D O I
10.1080/08874417.2022.2067795
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The purpose of this study is to build on the ISP compliance literature by creating a prediction model that includes four predictor variables, namely, leadership, supportive organizational culture, engagement, and role values with one dependent variable - ISP compliance. We then seek to find out which of the predictor variables are most influential in predicting ISP compliance. An instrument with 5 constructs was administered electronically to a diverse set of employees in the U.S.A. ranging in work experience from new hires to CEOs and from many industries. Collected data were analyzed using multiple regression analysis. The results showed that all predictor variables in the model were significant. Supportive organizational culture followed by role values offered the largest explanatory power of the four predictor variables. We discuss the implications of the findings and offer suggestions for future research opportunities.
引用
收藏
页码:863 / 873
页数:11
相关论文
共 48 条
[1]  
Accenture, 2019, COST CYB
[2]  
[Anonymous], 1992, Applied multivariate statistics for the social sciences
[3]   If someone is watching, I'll do what I'm asked: mandatoriness, control, and information security [J].
Boss, Scott R. ;
Kirsch, Laurie J. ;
Angermeier, Ingo ;
Shingler, Raymond A. ;
Boss, R. Wayne .
EUROPEAN JOURNAL OF INFORMATION SYSTEMS, 2009, 18 (02) :151-164
[4]  
Bree J., 2022, DISS ABST INT B, V83
[5]  
Bulgurcu B, 2010, MIS QUART, V34, P523
[6]   Understanding commitment and apathy in is security extra-role behavior from a person-organization fit perspective [J].
Chen, Hao ;
Li, Wenli .
BEHAVIOUR & INFORMATION TECHNOLOGY, 2019, 38 (05) :454-468
[7]   Understanding Inconsistent Employee Compliance with Information Security Policies Through the Lens of the Extended Parallel Process Model [J].
Chen, Yan ;
Galletta, Dennis F. ;
Lowry, Paul Benjamin ;
Luo, Xin ;
Moody, Gregory D. ;
Willison, Robert .
INFORMATION SYSTEMS RESEARCH, 2021, 32 (03) :1043-1065
[8]   When enough is enough: Investigating the antecedents and consequences of information security fatigue [J].
Cram, W. Alec ;
Proudfoot, Jeffrey G. ;
D'Arcy, John .
INFORMATION SYSTEMS JOURNAL, 2021, 31 (04) :521-549
[9]   SEEING THE FOREST AND THE TREES: A META-ANALYSIS OF THE ANTECEDENTS TO INFORMATION SECURITY POLICY COMPLIANCE [J].
Cram, W. Alec ;
D'Arcy, John ;
Proudfoot, Jeffrey G. .
MIS QUARTERLY, 2019, 43 (02) :525-+
[10]   Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization [J].
D'Arcy, John ;
Teh, Pei-Lee .
INFORMATION & MANAGEMENT, 2019, 56 (07)
12345