Organizational information security policies: a review and research framework
A major stream of research within the field of information systems security examines the use
of organizational policies that specify how users of information and technology resources …
of organizational policies that specify how users of information and technology resources …
Cyber–information security compliance and violation behaviour in organisations: A systematic review
Cyber and information security (CIS) is an issue of national and international interest.
Despite sophisticated security systems and extensive physical countermeasures to combat …
Despite sophisticated security systems and extensive physical countermeasures to combat …
Seeing the forest and the trees
A rich stream of research has identified numerous antecedents to employee compliance
(and noncompliance) with information security policies. However, the number of competing …
(and noncompliance) with information security policies. However, the number of competing …
Examining technostress creators and role stress as potential threats to employees' information security compliance
This study examined whether employees' security-related stress, ie, technostress and role
stress, in an organizational setting could affect their compliance intention regarding …
stress, in an organizational setting could affect their compliance intention regarding …
The role of extra-role behaviors and social controls in information security policy effectiveness
JSC Hsu, SP Shih, YW Hung… - Information systems …, 2015 - pubsonline.informs.org
Although most behavioral security studies focus on organizational in-role behaviors such as
information security policy (ISP) compliance, the role of organizational extra-role behaviors …
information security policy (ISP) compliance, the role of organizational extra-role behaviors …
The impact of information security threat awareness on privacy-protective behaviors
S Mamonov, R Benbunan-Fich - Computers in Human Behavior, 2018 - Elsevier
In this study, we examine how to motivate computer users to protect themselves from
potential security and privacy threats. We draw on the Information Processing framework …
potential security and privacy threats. We draw on the Information Processing framework …
A meta-analysis of deterrence theory in information security policy compliance research
S Trang, B Brendel - Information Systems Frontiers, 2019 - Springer
Enforcing information security policies is a key concern of information security managers. To
deter employees from deviant behavior, organizations often implement sanction …
deter employees from deviant behavior, organizations often implement sanction …
A system dynamics model for information security management
DL Nazareth, J Choi - Information & management, 2015 - Elsevier
Managing security for information assets is a critically important and challenging task. As
organizations provide clients with ubiquitous access to information systems and the …
organizations provide clients with ubiquitous access to information systems and the …
Peers matter: The moderating role of social influence on information security policy compliance
Abstract Information security in an organization largely depends on employee compliance
with information security policy (ISP). Previous studies have mainly explored the effects of …
with information security policy (ISP). Previous studies have mainly explored the effects of …
Sanction severity and employees' information security policy compliance: Investigating mediating, moderating, and control variables
Abstract Information security policy (ISP) plays a critical role in information systems security
management. Past research using General Deterrence Theory (GDT) on employees' …
management. Past research using General Deterrence Theory (GDT) on employees' …