Loading...
Paper Type
ERF
Abstract
Ensuring employees comply with the information security policy is an essential component of the security program in an organization. Grounded in action research and inspired by Unified Model of Information Security Compliance (UMISPC) (Moody et al. 2018), we introduce a customizable framework to promote information security policy compliance and lay out a plan to empirically test the proposed framework in a large public university in the southeast of US. The proposed framework can facilitate organizations to better understand their employees’ non-compliance behaviors and create effective remediation actions. This research also validates the UMISPC in a university setting, which will contribute to the generalizability and refinement of the UMISPC model after the study is successfully carried out. The limitations and future directions of this project are also discussed.
Recommended Citation
Li, Lei and Han, Meng, "Promoting Information Security Policy Compliance – An Empirical Study" (2020). AMCIS 2020 Proceedings. 39.
https://aisel.aisnet.org/amcis2020/info_security_privacy/info_security_privacy/39
Promoting Information Security Policy Compliance – An Empirical Study
Ensuring employees comply with the information security policy is an essential component of the security program in an organization. Grounded in action research and inspired by Unified Model of Information Security Compliance (UMISPC) (Moody et al. 2018), we introduce a customizable framework to promote information security policy compliance and lay out a plan to empirically test the proposed framework in a large public university in the southeast of US. The proposed framework can facilitate organizations to better understand their employees’ non-compliance behaviors and create effective remediation actions. This research also validates the UMISPC in a university setting, which will contribute to the generalizability and refinement of the UMISPC model after the study is successfully carried out. The limitations and future directions of this project are also discussed.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.