Compliance with information security policies: An empirical investigation

Computer

Volumn 43, Issue 2, 2010, Pages 64-71

  Siponen, Mikko ^a   Pahnila, Seppo ^a   Mahmood, M Adam ^b  

^a UNIVERSITY OF OULU   (Finland)

^b UNIVERSITY OF TEXAS AT EL PASO   (United States)

Author keywords

Deterrence theory; Information security policy; Protection motivation theory; Security; Security and privacy

Indexed keywords

EID: 77149132467     PISSN: 00189162     EISSN: None     Source Type: Trade Journal    
DOI: 10.1109/MC.2010.35     Document Type: Article

References (18)

1. S. Hinde, "Security Surveys Spring Crop," Computers & Security, vol.21, no.4, 2002, pp. 310-321.
2. G. Dhillon and J. Backhouse, "Current Directions in Information Security Research: Toward Socio-Organizational Perspectives," Information Systems J., vol.11, no.2, 2001, pp. 127-153
3. J.M. Stanton et al., "An Analysis of End User Security Behaviors," Computers & Security, vol.24, 2005, pp. 124-133.
4. P. Puhakainen, "A Design Theory for Information Security Awareness," Acta Universitatis Ouluensis, Scientiae Rerum Naturalium (A 463), doctoral dissertation, ISBN 951-42-8113-6, 2006.
5. S. Pahnila, M.T. Siponen, and M.A. Mahmood, "Which Factors Explain Employees' Adherence to Information Security Policies? An Empirical Study," Proc. Pacific Asia Conf. Information Systems (PACIS 07), 2007, pp. 1-12.
6. M.T. Siponen, S. Pahnila, and M.A. Mahmood, "Employees' Behavior Towards IS Security Policy Compliance," Proc. 40th Ann. Hawaii Int'l. Conf. System Sciences (HICSS-40), IEEE CS Press, 2007, p. 1561.
7. J.F.J. Hair et al., Multivariate Data Analysis, Pearson Prentice Hall, 2006.
8. J.C. Nunnally, Introduction to Psychological Measurement, McGraw-Hill, 1970.
9. I. Ajzen, "The Theory of Planned Behavior," Organizational Behavior and Human Decision Processes, vol.50, no.2, 1991, pp. 179-211.
10. R.W. Rogers, "Cognitive and Physiological Processes in Fear Appeals and Attitude Change: A Revised Theory of Protection Motivation Theory," Social Psychophysiology, J. Cacioppo and R. Petty, eds., Guilford Press, 1983, pp. 153-176.
11. R.W. Rogers and S. Prentice-Dunn, "Protection Motivation Theory," Handbook of Health Behavior Research I: Personal and Social Determinants, D.S. Gochman, ed., Plenum Press, 1997, pp. 113-132.
12. S. Rippetoe and R.W. Rogers, "Effects of Components of Protection-Motivation Theory on Adaptive and Maladaptive Coping with a Health Threat," J. Personality and Social Psychology, vol.52, no.3, 1987, pp. 596-604.
13. A. Forget, S. Chiasson, and R. Biddle, "Persuasion as Education for Computer Security," Proc. E-Learn 2007, AACE, 2007, pp. 822-829.
14. A. Bandura, "Self-Efficacy: Toward a Unifying Theory of Behaviour Change," Psychological Rev., vol.84, no.2, 1977, pp. 191-215.
15. G.E. Higgins, A.L. Wilson, and B.D. Fell, "An Application of Deterrence Theory to Software Piracy," J. Criminal Justice and Popular Culture, vol.12, no.3, 2005, pp. 166-184.
16. J. Cameron and W. Pierce, Rewards and Intrinsic Motivation, Bergin & Garvey, 2002.
17. M. Fishbein and I. Ajzen, Belief, Attitude, Intention and Behavior: An Introduction to Theory and Research, Addison-Wesley, 1975.
18. V. Venkatesh et al., "User Acceptance of Information Technology: Toward a Unified View," MIS Quarterly, vol.27, no.3, 2003, pp. 425-478.