Explaining Opposing Compliance Motivations towards Organizational Information Security Policies

被引:5
|
作者
Lowry, Paul Benjamin [1 ]
Moody, Greg D. [1 ]
机构
[1] City Univ Hong Kong, Hong Kong, Hong Kong, Peoples R China
来源
PROCEEDINGS OF THE 46TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES | 2013年
关键词
PSYCHOLOGICAL REACTANCE; DECISION-MAKING; SOCIAL PRESENCE; FEAR APPEALS; TRUST; WORKPLACE; ADOLESCENTS; BEHAVIOR; IMPACT;
D O I
10.1109/HICSS.2013.5
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Lack of compliance with organizational information security policies (ISPOs) is a widespread organizational issue that increasingly bears very large direct and qualitative costs. The purpose of our study was to explain the causes of tensions within organizations to either comply with new ISPOs or react negatively against them. To do so, we proposed an innovative model, which pits organizational control theory, as a force that explains ISPO compliance, against reactance theory, as a force that explains ISPO noncompliance and anger toward organizations. To test the model, we used a sample of 320 working professionals in a variety of industries to examine the likely organizational outcomes when a new ISPO is delivered to employees in the form of a typical memo sent throughout an organization. We found support for our newly proposed model, which is an important contribution to research on organizational security practices.
引用
收藏
页码:2998 / 3007
页数:10
相关论文
共 50 条
  • [1] Information Security Policies: A systematic review of theories explaining their compliance
    Políticas de Seguridad de la Información: Revisión sistemática de las teorías que explican su cumplimiento
    [J]. 1600, Associacao Iberica de Sistemas e Tecnologias de Informacao (2017):
  • [2] Proposing the control-reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policies
    Lowry, Paul Benjamin
    Moody, Gregory D.
    [J]. INFORMATION SYSTEMS JOURNAL, 2015, 25 (05) : 433 - 463
  • [3] The Influence of Organizational Enforcement on the Attitudes of Employees towards Information Security Compliance
    AlKalbani, Ahmed
    Deng, Hepu
    Kam, Booi
    [J]. 2019 10TH INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION SYSTEMS (ICICS), 2019, : 152 - 158
  • [4] Information Security Policies Compliance: The Role of Organizational Punishment Research-in-Progress
    Merhi, Mohammad I.
    Ahluwalia, Punit
    [J]. AMCIS 2013 PROCEEDINGS, 2013,
  • [5] Predicting communication constructs towards determining information security policies compliance
    Rantao, Tsholofelo
    Njenga, Kennedy
    [J]. SOUTH AFRICAN JOURNAL OF INFORMATION MANAGEMENT, 2020, 22 (01):
  • [6] Organizational power and information security rule compliance
    Kolkowska, Ella
    Dhillon, Gurpreet
    [J]. COMPUTERS & SECURITY, 2013, 33 : 3 - 11
  • [7] Organizational Power and Information Security Rule Compliance
    Kolkowska, Ella
    Dhillon, Gurpreet
    [J]. FUTURE CHALLENGES IN SECURITY AND PRIVACY FOR ACADEMIA AND INDUSTRY, 2011, 354 : 185 - +
  • [8] Information Security Policies: Investigation of Compliance in Universities
    Hina, Sadaf
    Dominic, Dhanapal Durai
    [J]. 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION SCIENCES (ICCOINS), 2016, : 564 - 569
  • [9] Towards information security behavioural compliance
    Vroom, C
    von Solms, R
    [J]. COMPUTERS & SECURITY, 2004, 23 (03) : 191 - 198
  • [10] Compliance with Information Security Policies: An Empirical Investigation
    Siponen, Mikko
    Pahnila, Seppo
    Mahmood, M. Adam
    [J]. COMPUTER, 2010, 43 (02) : 64 - 71
12345