Loading...

Media is loading
 

Paper Type

Complete

Abstract

In the face of ever-growing IS-security breaches and their substantial impacts on organizations and societies, the necessity of enhancing organizational IS-security becomes paramount. Meanwhile, the employees’ compliance with organizational IS-security policies (ISSP) is known to be critical for ensuring security. However, the extant knowledge about ISSP-compliance has remained scattered and inconclusive, and the social aspects of compliance are mostly underexplored despite their importance and impact. Moreover, there is a need for more studies that bridge the gap between the design side and the behavioral sides of IS-security; such a gap has created both conceptual and practical shortfalls within the literature. In this paper, we address these gaps by first introducing an enhanced unified framework of ISSP-compliance and, second, by theorizing a model where we propose that transparency of use enacts four distinct social practices, which, in turn, increase the employees’ compliance with ISSP. Future avenues of research are also suggested.

Share

COinS
 
Aug 10th, 12:00 AM

Compliance with IS-Security-Policies: A Socio-Material Perspective Towards Security

In the face of ever-growing IS-security breaches and their substantial impacts on organizations and societies, the necessity of enhancing organizational IS-security becomes paramount. Meanwhile, the employees’ compliance with organizational IS-security policies (ISSP) is known to be critical for ensuring security. However, the extant knowledge about ISSP-compliance has remained scattered and inconclusive, and the social aspects of compliance are mostly underexplored despite their importance and impact. Moreover, there is a need for more studies that bridge the gap between the design side and the behavioral sides of IS-security; such a gap has created both conceptual and practical shortfalls within the literature. In this paper, we address these gaps by first introducing an enhanced unified framework of ISSP-compliance and, second, by theorizing a model where we propose that transparency of use enacts four distinct social practices, which, in turn, increase the employees’ compliance with ISSP. Future avenues of research are also suggested.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.