Abstract

Information security policy compliance requires commitment both from organizations and their employees. In practice, employees often need to go above and beyond their normal job responsibilities to meet compliance requirements, and organizations need to provide incentives for compliant behaviors. However, existing research emphasizes mainly on minimizing non-compliant behaviors through fear and sanctions rather than encouragement and support. Drawing on the theory of organizational citizenship behavior (OCB), we bridge this gap by identifying factors that trigger employees’ motives towards security policy compliance. We propose that employees who are satisfied with their jobs, supported by managers, and rewarded for their compliances tend to comply with security policies. Keywords: Information Security Policy (ISP), compliance, Organizational Citizenship Behaviors (OCB), motivation

Download

Share

COinS
 

Think and Act Positively: A Motivational Organizational Citizenship Behavior Approach Towards Information Security Policy Compliance

Information security policy compliance requires commitment both from organizations and their employees. In practice, employees often need to go above and beyond their normal job responsibilities to meet compliance requirements, and organizations need to provide incentives for compliant behaviors. However, existing research emphasizes mainly on minimizing non-compliant behaviors through fear and sanctions rather than encouragement and support. Drawing on the theory of organizational citizenship behavior (OCB), we bridge this gap by identifying factors that trigger employees’ motives towards security policy compliance. We propose that employees who are satisfied with their jobs, supported by managers, and rewarded for their compliances tend to comply with security policies. Keywords: Information Security Policy (ISP), compliance, Organizational Citizenship Behaviors (OCB), motivation