Journal of the Midwest Association for Information Systems (JMWAIS)


Noncompliance by employees with Information Systems security policies is a serious computer security threat. An employee’s extensive knowledge of the information systems, the access credentials they have been given, and the trust accorded them by their employers make them a potentially dangerous threat to computer security. The importance of this phenomenon has led to a number of research undertakings on the ‘insider threat.’ However, research on employee compliance with IS security policies has focused mainly on the role of extrinsic motivation. Few studies have focused on the role of intrinsic motivation. This study fills this gap by building a theoretical model using a grounded theory methodology. Concepts from High Performance Work Systems (HPWS) theory were used to develop the initial questions for structured interviews. This theoretical model provides a framework for how organizations can intrinsically motivate their employees to comply with organizational information security policies. Organizations can intrinsically motivate their employees through a supportive organizational culture, training, and job design.