The Influence of Organizational Enforcement on the Attitudes of Employees towards Information Security Compliance

The increasing importance of combating information security crimes has prompted individual organizations to enforce information security compliance. How such enforcement affects the attitude of individual employees towards information security compliance, however, is unclear. With the insights from the organizational theory literature, this study tests and validates a conceptual model that explores the impact of organizational enforcement on the attitude of employees using structural equation modelling based on the data collected from a survey of 294 employees in organizations. The study shows that both organizational security culture and enforcement processes have a positive impact on the attitude of employees. The study further reveals that there is a positive relationship between organizational security culture, security technologies, and enforcement processes in enforcing security compliance. Such relationships form a mutual force for continually fostering a positive attitude of employees toward information security compliance in organizations.