The Role of Employees’ Threat Appraisal in Security Certification Compliance: Insights from a Protection Motivation Approach
Files
Date
2025-01-07
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
4499
Ending Page
Alternative Title
Abstract
The rising number of cybersecurity threats poses significant risks to organizations. Security and data protection certifications, such as ISO/IEC 27001, offer a promising approach to improving cybersecurity defenses and gaining market legitimacy. However, the effectiveness of these certifications depends on their substantive internalization within organizations. This study explores the factors driving employees’ certification internalization using Protection Motivation Theory. We conducted an online experiment with 437 participants, manipulating their perception of threats resulting from certification noncompliance. Our findings show that perceived security threats, compliance costs, and fear shape employees' certification compliance intention, while compliance efficacy does not. The perceived threat of customer loss reduced certification compliance intention. Our study contributes to certification research by taking an employee perspective and explaining how employees’ threat and coping appraisals impact their internalization intention.
Description
Keywords
Innovative Behavioral IS Security and Privacy Research, certification, compliance, information security, iso 27001, protection motivation theory
Citation
Extent
10
Format
Geographic Location
Time Period
Related To
Proceedings of the 58th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.