Abstract

Information security has become an important aspect of contemporary information technology in organizations and influence the way in which work is done and information is sent between organizations. Human information system behaviors with regard to information security policies, i.e. information security compliance (ISC) must not be ignored, as these influence compliance within the defined rules. Social learning theory (SLT) and deterrence theory (DT) are well established theories to explain human behavior, but are rarely used to explain ISC. This article aims at combining behavioral and IS research to better understand ISC. We provide an overview of the effects of SLT and DT on ISC and describe which of their constructs better describes ISC, examining an PLS analysis. This study’s results highlight that SLT and DT explain ISC, but the selected constructs of SLT have a higher influence on ISC than those of DT.

Download

Share

COinS
 

Fostering Information Security Compliance: Comparing the Predictive Power of Social Learning Theory and Deterrence Theory

Information security has become an important aspect of contemporary information technology in organizations and influence the way in which work is done and information is sent between organizations. Human information system behaviors with regard to information security policies, i.e. information security compliance (ISC) must not be ignored, as these influence compliance within the defined rules. Social learning theory (SLT) and deterrence theory (DT) are well established theories to explain human behavior, but are rarely used to explain ISC. This article aims at combining behavioral and IS research to better understand ISC. We provide an overview of the effects of SLT and DT on ISC and describe which of their constructs better describes ISC, examining an PLS analysis. This study’s results highlight that SLT and DT explain ISC, but the selected constructs of SLT have a higher influence on ISC than those of DT.