Loading...
Paper Type
Complete
Abstract
In the face of ever-growing IS-security breaches and their substantial impacts on organizations and societies, the necessity of enhancing organizational IS-security becomes paramount. Meanwhile, the employees’ compliance with organizational IS-security policies (ISSP) is known to be critical for ensuring security. However, the extant knowledge about ISSP-compliance has remained scattered and inconclusive, and the social aspects of compliance are mostly underexplored despite their importance and impact. Moreover, there is a need for more studies that bridge the gap between the design side and the behavioral sides of IS-security; such a gap has created both conceptual and practical shortfalls within the literature. In this paper, we address these gaps by first introducing an enhanced unified framework of ISSP-compliance and, second, by theorizing a model where we propose that transparency of use enacts four distinct social practices, which, in turn, increase the employees’ compliance with ISSP. Future avenues of research are also suggested.
Recommended Citation
Falahati, Arman and Lapointe, Liette, "Compliance with IS-Security-Policies: A Socio-Material Perspective Towards Security" (2020). AMCIS 2020 Proceedings. 9.
https://aisel.aisnet.org/amcis2020/info_security_privacy/info_security_privacy/9
Compliance with IS-Security-Policies: A Socio-Material Perspective Towards Security
In the face of ever-growing IS-security breaches and their substantial impacts on organizations and societies, the necessity of enhancing organizational IS-security becomes paramount. Meanwhile, the employees’ compliance with organizational IS-security policies (ISSP) is known to be critical for ensuring security. However, the extant knowledge about ISSP-compliance has remained scattered and inconclusive, and the social aspects of compliance are mostly underexplored despite their importance and impact. Moreover, there is a need for more studies that bridge the gap between the design side and the behavioral sides of IS-security; such a gap has created both conceptual and practical shortfalls within the literature. In this paper, we address these gaps by first introducing an enhanced unified framework of ISSP-compliance and, second, by theorizing a model where we propose that transparency of use enacts four distinct social practices, which, in turn, increase the employees’ compliance with ISSP. Future avenues of research are also suggested.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.