Information security trends show that many studies focus on information security in investigating employees’ motivated behavior for compliance with information security policies. The literature, however, lacks attention in understanding how escalating behavior may be an antecedent of noncompliance behavior. The objective of this study is to examine the factors that influence employees to violate their organization’s information security policy, where violation occurs during the escalation of commitment to a failing course of action. The proposed model draws on three theories that explain escalation of commitment, namely: prospect theory (PT), approach avoidance theory (AAT) and agency theory (AT). The paper specifies the three theories as complementary to facilitating an understanding of how employees engage in risky decisions to violate information security policy. The paper ends with a discussion of the implications of the proposed model by presenting a unique context for future research in the area of information security.