The role of norms in information security policy compliance

Isaac Wiafe, Felix Nti Koranteng, Abigail Wiafe, Emmanuel Nyarko Obeng, Winfred Yaokumah

Research output: Contribution to journalArticlepeer-review

18 Citations (Scopus)

Abstract

Purpose: The purpose of this paper is to determine which factors influence information system security policy compliance. It examines how different norms influence compliance intention. Design/methodology/approach: Based on relevant literature on information system security policy compliance, a research model was developed and validated. An online questionnaire was used to gather data from respondents and partial least square structural equation modelling (PLS-SEM) was used to analyse 432 responses received. Findings: The results indicated that attitude towards information security compliance mediates the effects of personal norms on compliance intention. In addition, descriptive and subjective norms are significant predictors of personal norms. Originality/value: Though advancement in technology has reached significant heights, it is still inadequate to guaranteed information systems’ security. Researchers have identified humans to be central in ensuring information security. To this effect, this study provides empirical evidence of the role of norms in influence information security behaviour.

Original languageEnglish
Pages (from-to)743-761
Number of pages19
JournalInformation and Computer Security
Volume28
Issue number5
DOIs
Publication statusPublished - 4 Nov 2020

Keywords

  • Attitude towards compliance
  • Compliance intention
  • Information security policy
  • Social norms

Fingerprint

Dive into the research topics of 'The role of norms in information security policy compliance'. Together they form a unique fingerprint.

Cite this