Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/50484

Internalization of Information Security Policy and Information Security Practice: A Comparison with Compliance

File SizeFormat 
paper0597.pdf697.5 kBAdobe PDFView/Open

Item Summary

Title: Internalization of Information Security Policy and Information Security Practice: A Comparison with Compliance
Authors: Park, Minjung
Chai, Sangmi
Keywords: Information Security and Privacy
compliance, information security practice behavior, information security policy, internalization, social influence theory
Issue Date: 03 Jan 2018
Abstract: Most recent information security incidents have been caused by employees’ poor managements rather than technology defects. Accordingly, organizations try to improve their information security by demanding that employees conform to information security policies. Previous studies examined the effect of organization’s enforcement-based systems, using penalties and rewards, on employees’ comply with information security policies. It found there is a lack of autonomy and sustainability if conformity depended on external environmental factors. To confirm, following social influence theory, that employees’ information security practices can be better performed if they go beyond compliance and are internalized, we developed an instrument that measures employees’ attitudes on information security policies and conducted a pilot test. The results show that information security practices are performed better by the higher internalization group than by the compliance group, proving the greater effectiveness of internalization in improving both employees’ and organizations’ information security.
Pages/Duration: 9 pages
URI/DOI: http://hdl.handle.net/10125/50484
ISBN: 978-0-9981331-1-9
DOI: 10.24251/HICSS.2018.595
Rights: Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections:Information Security and Privacy


Please contact sspace@hawaii.edu if you need this content in an ADA compliant alternative format.

Items in ScholarSpace are protected by copyright, with all rights reserved, unless otherwise indicated.