Presenting Author

Mohammad Merhi; Punit Ahluwalia

Paper Type

Research-in-Progress Paper

Abstract

It has been argued that organizational punishment serves as a deterrent to unwanted employee behavior but there is no clear consensus on the influence of punitive actions on employees’ behavior to comply with information security policies. This study proposes a model that explains the influence of organizational punishment on employees’ cognitive beliefs and their intention to comply with information security policies. We argue that likelihood of punishment impacts employees’ cognitive beliefs that in turn affect their information security compliance behavior. This study uses the theory of planned behavior as a support for its propositions and contributes to the body of knowledge in the IS security stream by addressing a significant gap in the current literature. This is a work in progress and we plan to present results of the empirical study at the conference.

Share

COinS
 

Information Security Policies Compliance: The Role of Organizational Punishment

It has been argued that organizational punishment serves as a deterrent to unwanted employee behavior but there is no clear consensus on the influence of punitive actions on employees’ behavior to comply with information security policies. This study proposes a model that explains the influence of organizational punishment on employees’ cognitive beliefs and their intention to comply with information security policies. We argue that likelihood of punishment impacts employees’ cognitive beliefs that in turn affect their information security compliance behavior. This study uses the theory of planned behavior as a support for its propositions and contributes to the body of knowledge in the IS security stream by addressing a significant gap in the current literature. This is a work in progress and we plan to present results of the empirical study at the conference.