Eric Amankwa scite author profile

Purpose This paper aims to establish that employees’ non-compliance with information security policy (ISP) could be addressed by nurturing ISP compliance culture through the promotion of factors such as supportive organizational culture, end-user involvement and compliance leadership to influence employees’ attitudes and behaviour intentions towards ISP in organizations. This paper also aims to develop a testable research model that might be useful for future researchers in predicting employees’ behavioural intentions. Design/methodology/approach In view of the study’s aim, a research model to show how three key constructs can influence the attitudes and behaviours of employees towards the establishment of security policy compliance culture (ISPCC) was developed and validated in an empirical field survey. Findings The study found that factors such as supportive organizational culture and end-user involvement significantly influenced employees’ attitudes towards compliance with ISP. However, leadership showed the weakest influence on attitudes towards compliance. The overall results showed that employees’ attitudes and behavioural intentions towards ISP compliance together influenced the establishment of ISPCC for ISP compliance in organizations. Practical implications Organizations should influence employees’ attitudes towards compliance with ISP by providing effective ISP leadership, encouraging end-user involvement during the draft and update of ISP and nurturing a culture that is conducive for ISP compliance. Originality/value The study provides some insights on how to effectively address the problem of non-compliance with ISP in organizations through the establishment of ISPCC, which has not been considered in any past research.

show abstract

Online personalized recommended product quality and e-impulse buying: A conditional mediation analysis

Seth

Jiang

Debrah

et al. 2022

Journal of Retailing and Consumer Services

View full text Add to dashboard Cite

A conceptual analysis of information security education, information security training and information security awareness definitions

Amankwa

Loock

Kritzinger

2014

View full text Add to dashboard Cite

Enhancing information security education and awareness: Proposed characteristics for a model

Amankwa

Loock

Kritzinger

2015

View full text Add to dashboard Cite

The determinants of an information security policy compliance culture in organisations: the combined effects of organisational and behavioural factors

Amankwa

Loock

Kritzinger

2022

ICS

View full text Add to dashboard Cite

Purpose This paper aims to examine the individual and combined effects of organisational and behavioural factors on employees’ attitudes and intentions to establish an information security policy compliance culture (ISPCC) in organisations. Design/methodology/approach Based on factors derived from the organisational culture theory, social bond theory and accountability theory, a testable research model was developed and evaluated in an online survey that involves the use of a questionnaire to collect quantitative data from 313 employees, from ten different organisations in Ghana. The data collected were analysed using the partial least squares-structural equation modelling approach, involving the measurement and structural model tests. Findings The study reveals that the individual measures of accountability – identifiability (2.4%), expectations of evaluation (38.8%), awareness of monitoring (55.7%) and social presence (−41.2%) – had weak to moderate effects on employees’ attitudes towards information security policy compliance. However, the combined effect showed a significant influence. In addition, organisational factors – supportive organisational culture (15%), security compliance leadership (2%) and user involvement (63%) – showed positive effects on employees’ attitudes. Further, employees’ attitudes had a substantial influence (65%), while behavioural intentions demonstrated a weak effect (24%) on the establishment of an ISPCC in the organisation. The combined effect also had a substantial statistical influence on the establishment of an ISPCC in the organisation. Practical implications Given the findings of the study, information security practitioners should implement organisational and behavioural factors that will have an impact on compliance, in tandem, with the organisational effort to build a culture of compliance for information security policies. Originality/value The study provides new insights on how to address the problem of non-compliance with regard to the information security policy in organisations through the combined application of organisational and behavioural factors to establish an information security policy compliance culture, which has not been considered in any past research.

show abstract

Emergency e-learning acceptance in second-cycle institutions in Ghana: a conditional mediation analysis

Amankwa

Asiedu

2022

SN Soc Sci

View full text Add to dashboard Cite

This paper investigates the determinants that will influence students’ acceptance of the electronic learning (e-learning) system of education after the COVID-19 emergency. Specifically, the paper assesses the attitudes and intentions of students in second-cycle institutions to accept e-learning after the pandemic, using constructs derived from the health belief model and technology acceptance model. Also, we test if there is any significant difference in the attitudes and intentions of students in public and private institutions. Using data collected from 370 students in upper and lower levels of a second-cycle institutions in Ghana, we found that student attitude is significantly influenced by perceived usefulness and moderately affected by perceived severity, whereas, student’s intention is moderately affected by the perceived severity but substantially influenced by the student’s attitude towards usage. Also, the results revealed that students’ attitudes and intentions to use e-learning are moderately affected by the severity of the ongoing COVID-19 pandemic. Finally, there were no significant differences in the attitudes and intentions of the sampled students in public and private second-cycle institutions in Ghana, regarding their acceptance and usage of e-learning after the COVID-19 emergency. Given the study’s findings, the paper concludes that students’ attitudes and intention to use e-learning are the main determinants that will influence the students’ acceptance of the e-learning system of education in second-cycle institutions in Ghana after the COVID-19 emergency. The paper contributes to knowledge by providing evidence of students’ acceptance of the e-learning system of education after the COVID-19 emergency in the context of a developing country like Ghana.

show abstract

Relevance of Cybersecurity Education at Pedagogy Levels in Schools

Amankwa¹

2021

JIS

View full text Add to dashboard Cite

Today, the internet extensively impacts people's lives through improved communications, interactions, and the exchange of information. Despite all these positive effects, it also causes in significant negative issues. Over the recent years, cases of online fraud, cyber-bullying, racial abuse, gambling, and pornography have increased due to the lack of self-control and overall awareness among internet users. Therefore, there is a need to create awareness and training on cybersecurity in schools to protect students from cyber-bullying, online fraud, and being targets of prejudice. Research reveals that the level of self-control and awareness among internet users is still moderate and low. To ensure cybersecurity awareness and knowledge among internet users, young people need to get educated on how to operate safely in cyberspace. This education will guarantee that they understand how to protect themselves from cybercrimes. To this extent, this research paper will explore the essence of cybersecurity education in schools and provide strategies that educators can utilize to promote cybersecurity education across learning institutions. This paper will thus conclude how cybersecurity training can be implemented in a learning institution.

show abstract

A Composite Framework to Promote Information Security Policy Compliance in Organizations

Amankwa

Loock

Kritzinger

2019

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Eric Amankwa

Establishing information security policy compliance culture in organizations

Online personalized recommended product quality and e-impulse buying: A conditional mediation analysis

A conceptual analysis of information security education, information security training and information security awareness definitions

Enhancing information security education and awareness: Proposed characteristics for a model

The determinants of an information security policy compliance culture in organisations: the combined effects of organisational and behavioural factors

Emergency e-learning acceptance in second-cycle institutions in Ghana: a conditional mediation analysis

Relevance of Cybersecurity Education at Pedagogy Levels in Schools

A Composite Framework to Promote Information Security Policy Compliance in Organizations

Contact Info

Product

Resources

About