Employees' Compliance with ISP: A Socio-Technical Conceptual Model

Date
2022-01-04
Authors
Falahati, Arman
Lapointe, Liette
Beaudry, Anne
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Employees’ compliance with Information Systems Security Policies (ISP) is critical for protecting organizational data. Both the technical side and the social aspects of IT-use were shown to have significant influence on ISP-compliance. However, they have been mostly studied in isolation, despite the literature’s emphasis on the socio-technical nature of security. Also, while the technical side has been extensively explored, there is a scarcity of research on the social mechanisms that underlie ISP-compliance. Here, we aim at bridging the gap between the technical and social sides of compliance. We also build upon Social Impact Theory to provide a more nuanced understanding of the social influence on ISP-compliance. We suggest that transparency of use is associated with the three pivotal elements of social influence, namely, perceived strength, immediacy, and number of influencing sources, which trigger normative and informational forces towards compliance. The influence of organizational ISP-compliance culture is also discussed.
Description
Keywords
Socio-technical Issues in Organizational Information Technologies, human aspects of is security, information security, information security behaviors, isp-compliance, socio-technical nature of is security
Citation
Rights
Access Rights
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.