MWAIS 2021 Proceedings


Employees' noncompliance with Information security policies (ISPs) has been a central concern and a problematic issue to organizations worldwide. Concerning this matter, researchers who have examined information security have identified that many organizations have focused on information security's technical aspects, including hardware and software measures. However, using only technical actions is insufficient; the nontechnical dimension, such as human/people, social and organizational aspects, should be included to ensure a secure information system environment. For instance, very little is known about how organizational culture affects the implementation of information security policy, which has not been rigorously examined. Thus, this study is conducted to assess the moderating effect of organizational culture on employees' intention to comply with ISP. A research model is built using computing value framework (CVF) organizational culture theory and rational choice theory constructs. We use the survey method to collect data from companies in Ethiopia and Finland.