Description
The purpose of this research is to examine how information security policy compliance mediates organizational fraud levels in a sampling of small to medium-size firms. We will examine if (1) organizations with low (high) quality information security policy experience lower (higher) information security policy compliance; (2) organizations with strong (weak) enforcement of the existing policy experience lower (higher) levels of information security policy compliance; (3) if there is any significant interaction effect between information security policy quality and enforcement and (4) if perceived information security policy compliance is inversely related to reported organizational fraud. Completion of this research will accomplish several key objectives. It will approach the fraud problem from a totally different perspective that has not been studied previously. This research may inform current findings regarding the potential direct and indirect effects of information security noncompliance on organizational fraud. The study will also expand the body of organizational fraud knowledge by giving insights into the motivation leading to compliance versus noncompliance decisions encountered by employees in various organizational settings.
Recommended Citation
Brown, Dennis and Zafar, Humayun, "Information Security Policy Quality and Enforcement: Is Compliance a Solution to Fraud" (2017). AMCIS 2017 Proceedings. 25.
https://aisel.aisnet.org/amcis2017/InformationSystems/Presentations/25
Information Security Policy Quality and Enforcement: Is Compliance a Solution to Fraud
The purpose of this research is to examine how information security policy compliance mediates organizational fraud levels in a sampling of small to medium-size firms. We will examine if (1) organizations with low (high) quality information security policy experience lower (higher) information security policy compliance; (2) organizations with strong (weak) enforcement of the existing policy experience lower (higher) levels of information security policy compliance; (3) if there is any significant interaction effect between information security policy quality and enforcement and (4) if perceived information security policy compliance is inversely related to reported organizational fraud. Completion of this research will accomplish several key objectives. It will approach the fraud problem from a totally different perspective that has not been studied previously. This research may inform current findings regarding the potential direct and indirect effects of information security noncompliance on organizational fraud. The study will also expand the body of organizational fraud knowledge by giving insights into the motivation leading to compliance versus noncompliance decisions encountered by employees in various organizational settings.