Explainable Information Security: Development of a Construct and Instrument

Authors

Duy Pham Thien Dang, Royal Melbourne Institute of TechnologyFollow
Ai Phuong Hoang, Royal Melbourne Institute of TechnologyFollow
Diem-Trang Vo, Royal Melbourne Institute of TechnologyFollow
Karlheinz (Karl) Kautz, Royal Melbourne Institute of Technology (RMIT) UniversityFollow

Abstract

Despite the increasing efforts to encourage information security (InfoSec) compliance, employees’ refusal to follow and adopt InfoSec remains a challenge for organisations. Advancements in the behavioural InfoSec field have recently highlighted the importance of developing usable and employeecentric InfoSec that can motivate InfoSec compliance more effectively. In this research, we conceptualise the theoretical structure for a new concept called explainable InfoSec and develop a research instrument for collecting data about this concept. Data was then collected from 724 office workers via an online survey. Exploratory and confirmatory factor analyses were performed to validate the theoretical structure of the explainable InfoSec construct, and we performed structural equation modelling to examine the construct’s impact on intention to comply with organisational InfoSec. The validated theoretical structure of explainable InfoSec consists of two dimensions, fairness and transparency, and the construct was found to positively influence compliance intention.

Recommended Citation

Dang, Duy Pham Thien; Hoang, Ai Phuong; Vo, Diem-Trang; and Kautz, Karlheinz (Karl), "Explainable Information Security: Development of a Construct and Instrument" (2020). ACIS 2020 Proceedings. 62.
https://aisel.aisnet.org/acis2020/62