The issue of employee noncompliance with information security policies is universal. Noncompliance increases the possibility of invasive information security threats, which can result in compromised organizational assets. Although research has empirically revealed a relationship between structural empowerment and employee intention to comply with information security policies, the mediating role of psychological empowerment in the relationship has received limited attention. This study conceptualizes the role of psychological empowerment as a mediator between structural empowerment and the intention to comply with information security policy. It suggests that empowerment work structures, which include information security education, training, and awareness (SETA), access to information security strategic goals, and participation in information security decision-making all increase employees’ feelings of being psychologically empowered, which consequently leads to positive intentions to comply with information security policy.
Dhillon, Gurpreet; Abdul Talib, Yurita Yakimini; and Picoto, Winnie Ng
"The Mediating Role of Psychological Empowerment in Information Security Compliance Intentions,"
Journal of the Association for Information Systems: Vol. 21
, Article 5.
Available at: https://aisel.aisnet.org/jais/vol21/iss1/5