The Library
Information security policy compliance model in organizations
Tools
Sohrabi Safa, Nader , Von Solms, Rossouw and Furnell, Steven (2016) Information security policy compliance model in organizations. Computers & Security, 56 . pp. 70-82. doi:10.1016/j.cose.2015.10.006 ISSN 0167-4048.
Research output not available from this repository.
Request-a-Copy directly from author or use local Library Get it For Me service.
Official URL: http://dx.doi.org/10.1016/j.cose.2015.10.006
Abstract
The Internet and information technology have influenced human life significantly. However, information security is still an important concern for both users and organizations. Technology cannot solely guarantee a secure environment for information; the human aspects of information security should be taken into consideration, besides the technological aspects. The lack of information security awareness, ignorance, negligence, apathy, mischief, and resistance are the root of users' mistakes. In this research, a novel model shows how complying with organizational information security policies shapes and mitigates the risk of employees' behaviour. The significant aspect of this research is derived from the conceptualization of different aspects of involvement, such as information security knowledge sharing, collaboration, intervention and experience, as well as attachment, commitment, and personal norms that are important elements in the Social Bond Theory. The results of the data analysis revealed that information security knowledge sharing, collaboration, intervention and experience all have a significant effect on employees' attitude towards compliance with organizational information security policies. However, attachment does not have a significant effect on employees' attitude towards information security policy compliance. In addition, the findings have shown that commitment and personal norms affect employees' attitude. Attitude towards compliance with information security organizational policies also has a significant effect on the behavioural intention regarding information security compliance.
Item Type: | Journal Article | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Subjects: | H Social Sciences > HD Industries. Land use. Labor H Social Sciences > HF Commerce Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > T Technology (General) T Technology > TK Electrical engineering. Electronics Nuclear engineering |
||||||||||
Divisions: | Faculty of Science, Engineering and Medicine > Engineering > WMG (Formerly the Warwick Manufacturing Group) | ||||||||||
Library of Congress Subject Headings (LCSH): | Cyber intelligence (Computer security), Computer security, Computer networks--Security measures, Data protection, Information resources management--Security measures, Organizational effectiveness | ||||||||||
Journal or Publication Title: | Computers & Security | ||||||||||
Publisher: | Elsevier Advanced Technology | ||||||||||
ISSN: | 0167-4048 | ||||||||||
Official Date: | February 2016 | ||||||||||
Dates: |
|
||||||||||
Volume: | 56 | ||||||||||
Page Range: | pp. 70-82 | ||||||||||
DOI: | 10.1016/j.cose.2015.10.006 | ||||||||||
Status: | Peer Reviewed | ||||||||||
Publication Status: | Published | ||||||||||
Access rights to Published version: | Restricted or Subscription Access |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |