The purpose of this research is to investigate the relationship of multiple dimensions of employees' organizational commitment to their organization with information security policy (ISP) compliance. We draw upon the three-component model of commitment which considers commitment as a multidimensional construct comprised of affective commitment, continuance commitment, and normative commitment. While previous research has examined the impact of organizational commitment on ISP compliance, the multiple dimensions of organizational commitment have not been addressed, to our knowledge. We also include six organizational drivers, identified in previous research, which impact organizational commitment. This study will provide implications for practice by determining intrinsically driven commitment that influences employees to comply with ISP, enabling managers to identify ways to motivate employees to engage in secure behaviors in compliance with ISP.

Abstract Only