With security breaches occurring regularly, organizations must employ strong security countermeasures to protect private, valuable information. Organizational insiders pose a major threat to the security of organizations by direct and intentional misuse of information assets and by the careless and negligent use of information. Developing strong information security policy (ISP) is important to thwarting insider security threats. To date, behavioral information security research has primarily examined ISP from a procedural viewpoint. Outcome-oriented security policy is understudied. This research-in-progress proposes a study of security policy to determine how the inclusion of outcome-oriented security policy influences insiders’ attitudes toward and intentions to follow procedural security policy. An experiment is proposed to test the hypotheses.