Establishing information security policy compliance culture in organizations

Amankwa, Eric; Loock, Marianne; Kritzinger, Elmarie

doi:10.1108/ics-09-2017-0063

Cited by 28 publications

(36 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(2015) , who confirmed the behavioral influence of attitude on the intention of employees to comply with information security policies, albeit qualitatively. Both Ifinedo (2014) and Amankwa et al. (2018) found that attitude displayed the most significant effect size on complying with information security policies.…”

Section: Research Model and Hypothesesmentioning

confidence: 99%

Information privacy behavior in the use of Facebook apps: A personality-based vulnerability assessment

Schyff

Flowerday

Lowry

2020

Heliyon

View full text Add to dashboard Cite

The unauthorized use of personal information belonging to users of apps integrated with the Facebook platform affects millions of users. Crucially, although privacy concerns and awareness have increased, the use of these apps, and related privacy behaviors, remain largely unchanged. Given that such privacy behaviors are likely influenced by individuals' personality traits, it is imperative to better understand which personality traits make individuals more vulnerable to such unauthorized uses. We build on a recontextualized version of the theory of planned behavior (TPB) to evaluate the influence of the Big Five personality traits on attitudes toward Facebook privacy settings, social norms, and information privacy concerns (IPCs)—all within the context of Facebook app use. To evaluate this study's model, we analyzed 576 survey responses by way of partial least squares path modeling. Results indicate that highly extraverted individuals are particularly vulnerable to privacy violations (e.g., unauthorized use of personal information) because of their negative attitudes toward Facebook privacy settings. Our post hoc analysis uncovered interesting combinations of personality traits that make individuals particularly vulnerable to the unauthorized use of app-based information. In particular, the combination of extraversion and conscientiousness had a negative effect on individuals' attitude toward privacy settings. We also found a significant negative relationship between IPCs and intention to use Facebook apps . Finally, we found a positive relationship between social norms and intentions. Taken together, these results infer that individuals are likely to be influenced by their peers in the use of Facebook apps but that their intentions to use these apps declines as privacy concerns increase.

show abstract

Section: Research Model and Hypothesesmentioning

confidence: 99%

Information privacy behavior in the use of Facebook apps: A personality-based vulnerability assessment

Schyff

Flowerday

Lowry

2020

Heliyon

View full text Add to dashboard Cite

show abstract

“…Likewise, the research conducted by Arage [37], states that national culture has an impact on information security compliance. Another factor within the organization is user involvement and leadership, this potential was seen by Amankwa [38] in his research on Establishing information security policy compliance culture in organizations using the theory of organizational behavior and organization culture. However, differences in results found by Sommestad [36] investigated the relationship between individual intentions in social groups rather than the workplace and the effects of this group by using the theory of planned behavior and information security culture.…”

Section: Literature Reviewmentioning

confidence: 99%

“…In a company with a stable culture, the appropriate policies and procedures, including sanctions and education programs regarding the policy, will be well implemented. Employee non-compliance with information security policies (ISP) can be overcome by maintaining an ISP compliance culture through organizational culture [38]. Further studies are needed to find out factors such as organizational culture to find out the involvement of organizational culture can influence compliance with security policies.…”

Section: Conceptual Frameworkmentioning

confidence: 99%

A Model of Information Security Policy Compliance for Public Universities: A Conceptual Model

Angraini

Alias

Okfalisa

2019

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

The university is an organization that manages much public information, and therefore, information security policies are developed to ensure data security. However, during implementation still founded disobey behavior user and has an impact on data security. The previous research has been conducted to find influencing factor user comply with information security, although some model and theories still limited to implementation. There is a lack of researchers combine behavioral theory and organizational theory to develop models and previous model inadequate to universities that have unique characteristics. This study aims to explore and identify factors that influence information security compliance and continue to develop conceptual models for assessing information security policies. This conceptual model creates based on a systematic literature review and preliminary study. The results in the conceptual model found several variables, namely habits, attitudes, moral beliefs, self-efficacy from behavioral theories and human culture, commitment, rewards, costs can be used to evaluate user compliance with information security policies. Conceptual will be tested further to contribute to help universities to ensure and assess users to comply with information security policies.

show abstract

“…A frequently encountered statement, both in the literature of the subject and also among specialists dealing with data protection, the weakest element of information security is the human factor. It is the human inclination to make mistakes and adulteration and abuse that may result in the loss or disclosure of company information (Amankwa, Loock, Kritzinger, 2018;Pałęga, 2015;Palega, Knapinski, 2017). Nevertheless, in the belief of the authors of this publication, it is also the potential of human skills, capabilities, ideas, commitment and motivation of employees can be an effective defense against the failure of technical security.…”

Section: Introductionmentioning

confidence: 99%

Assessment of Employees Level of Awareness in the Aspect of Information Security

Pałęga

Knapiński

2019

System Safety: Human - Technical Facility - Environment

View full text Add to dashboard Cite

The strategic importance of information for the functioning of each economic entity forces entrepreneurs to properly protect them against loss, unauthorized disclosure or unauthorized modification. Hence, organizations build complex security systems taking into account state-of-the-art technical solutions, while belittling often the most important element, which is the human factor. It should be emphasized that it is the intentional or accidental actions of the human that can lead to the loss of information security. In addition, it is also the potential of human capabilities and skills can provide an effective defense against the failure or technical security.The article presents the basic stages of human resource management in the aspect of information security. Complementing these considerations will be the presentation and discussion of the results of surveys aimed at assessing the level of employee awareness in the area of information security.

show abstract

Establishing information security policy compliance culture in organizations

Cited by 28 publications

References 39 publications

Information privacy behavior in the use of Facebook apps: A personality-based vulnerability assessment

Information privacy behavior in the use of Facebook apps: A personality-based vulnerability assessment

A Model of Information Security Policy Compliance for Public Universities: A Conceptual Model

Assessment of Employees Level of Awareness in the Aspect of Information Security

Contact Info

Product

Resources

About