Paper Type

ERF

Abstract

Maintaining consistent employee compliance with information security policies (ISPs) has become a major concern for organizations. Existing studies have explored the persistence of compliance based on behavioral outcomes but lacked a comprehensive exploration of employees’ cognitions when making compliance decisions across different security environments. From a human judgment perspective, we draw on the cognitive continuum theory to explore employees' cognitive modes in complying with ISPs and their influences on actual compliance behaviors in different security environments. We plan to use semi-structured interviews to understand employees' cognitive processes and influencing factors in making compliance decisions, which will contribute to understanding the human judgment behind changes in employee compliance with ISPs over time.

Paper Number

1328

Author Connect URL

https://authorconnect.aisnet.org/conferences/AMCIS2024/papers/1328

Comments

SIGSEC

Author Connect Link

Share

COinS
 
Aug 16th, 12:00 AM

Intuition or Analysis? Investigation of Employees’ Cognitive Mode of Information Security Policy Compliance

Maintaining consistent employee compliance with information security policies (ISPs) has become a major concern for organizations. Existing studies have explored the persistence of compliance based on behavioral outcomes but lacked a comprehensive exploration of employees’ cognitions when making compliance decisions across different security environments. From a human judgment perspective, we draw on the cognitive continuum theory to explore employees' cognitive modes in complying with ISPs and their influences on actual compliance behaviors in different security environments. We plan to use semi-structured interviews to understand employees' cognitive processes and influencing factors in making compliance decisions, which will contribute to understanding the human judgment behind changes in employee compliance with ISPs over time.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.