Towards a Taxonomy of Information Security Policy Non-Compliance Behavior

Date
2022-01-04
Authors
Hengstler, Sebastian
Nickerson, Robert C.
Trang, Simon
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
Ending Page
Alternative Title
Abstract
Due to the increasing digitalization of our society, IT security professionals must implement even more effective security measures to meet the growing information security requirements of their organizations. To target and effectively deploy these measures in the best possible way, they must consider different types of behaviors that might lead to information security threats. Regarding this issue, current research offers little for clarity to security professionals when it comes to understanding and differentiating the various types of behavior. Therefore, this research aims to develop a taxonomy to classify different types of information security policy non-compliance behavior. Our results present a taxonomy with five dimensions, each containing mutually exclusive and collectively exhaustive characteristics. Our results provide a basis for a more specific analysis of different types of information security policy non-compliance behavior and can be used for more comprehensive development and analysis of appropriate security measures.
Description
Keywords
Innovative Behavioral IS Security and Privacy Research, information security, information security compliance behavior, information security policies, taxonomy
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 55th Hawaii International Conference on System Sciences
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.