Organizational formalization and employee information security behavioral intentions based on an extended TPB model
2019 International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2019
Institute of Electrical and Electronics Engineers (IEEE)
School of Science
Information security is a worldwide problem, and the psychological and behavioral factors of users are some of the most important reasons for the occurrence of information security incidents. Although many previous studies have discussed the influencing factors of information security behaviors, few have considered the impacts of organizational structures. In this study, the formation mechanism of information security behavioral intention was studied by integrating the Theory of Planned Behavior (TPB) and organizational formalization. Data analysis was performed using the Structural Equation Model (SEM) analysis, based on a survey of 261 company employees. The empirical results showed that organizational formalization had significant effect on cognitive processes theorized by TPB, and TPB was still applicable to predict and explain the information security behavioral intention. This study suggests that more formalized rules, procedures, and communications should be designed in order to increase employees' information security behavioral intentions.