Motivating information security policy compliance: Insights from perceived organizational formalization

Abstract

Psychological and behavioral characteristics are among the most important factors that instigate information security incidents. Although many previous studies have discussed the influencing factors of information security policy compliance behavior in an organization, few have considered the influence of organizational structures. In this study, the mechanism by which information security policy compliance behavioral intention is formed was studied by integrating the theory of planned behavior (TPB) and perceived organizational formalization. Data analysis was performed using the structural equation modeling (SEM) with data obtained from a survey of 261 company employees. The empirical results reveal that perceived organizational formalization significant affected cognitive processes theorized by TPB, behavioral habits, and deterrent certainty. This study suggests that formalized rules, procedures, and communications should be designed to improve employee information security policy compliance behavioral habits and intentions.

RAS ID

31197

Document Type

Journal Article

Date of Publication

2022

Funding Information

Zhejiang Provincial Natural Science Foundation of China Zhejiang Provincial Statistical Research Project of China Zhejiang Philosophy and Social Sciences Planning Project of China

School

School of Science

Copyright

subscription content

Publisher

Taylor & Francis

Comments

Hong, Y., & Furnell, S. (2022). Motivating information security policy compliance: Insights from perceived organizational formalization. Journal of Computer Information Systems, 62(1), 19-28. https://doi.org/10.1080/08874417.2019.1683781

Share

 
COinS
 

Link to publisher version (DOI)

10.1080/08874417.2019.1683781