Investigating the Role of Socio-organizational Factors in the Information Security Compliance in Organizations

Ahmed AlKalbani, School of Business Information Technology and Logistics, RMIT University, Melbourne, Australia
Hepu Deng, School of Business Information Technology and Logistics, RMIT University, Melbourne, Australia
Booi Kam, School of Business Information Technology and Logistics, RMIT University, Melbourne, Australia

Abstract

The increase reliance on information systems has created unprecedented challenges for organizations to protect their critical information from different security threats that have direct consequences on the corporate liability, loss of credibility, and monetary damage. As a result, the security of information has become critical in many organizations. This study investigates the role of socio-organizational factors by drawing the insights from the organizational theory literature in the adoption of information security compliance in organizations. Based on the analysis of the survey data collected from 294 employees, the study indicates management commitment, awareness and training, accountability, technology capability, technology compatibility, processes integration, and audit and monitoring have a significant positive impact on the adoption of information security compliance in organizations. The study contributes to the information security compliance research by exploring the criticality of socio-organizational factors at the organizational level for information security compliance.