Organizational information security policies: a review and research framework
A major stream of research within the field of information systems security examines the use
of organizational policies that specify how users of information and technology resources …
of organizational policies that specify how users of information and technology resources …
Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance …
A grave concern to an organization's information security is employees' behavior when they
do not value information security policy compliance (ISPC). Most ISPC studies evaluate …
do not value information security policy compliance (ISPC). Most ISPC studies evaluate …
Seeing the forest and the trees
A rich stream of research has identified numerous antecedents to employee compliance
(and noncompliance) with information security policies. However, the number of competing …
(and noncompliance) with information security policies. However, the number of competing …
Investigating the impact of cybersecurity policy awareness on employees' cybersecurity behavior
As internet technology and mobile applications increase in volume and complexity,
malicious cyber-attacks are evolving, and as a result society is facing greater security risks in …
malicious cyber-attacks are evolving, and as a result society is facing greater security risks in …
Cognitive‐affective drivers of employees' daily compliance with information security policies: A multilevel, longitudinal study
We present a model of employee compliance with information security policy (ISP) that (1)
explicates stable, cognitive beliefs regarding the consequences of compliance and …
explicates stable, cognitive beliefs regarding the consequences of compliance and …
The dark triad and knowledge hiding
By drawing on psychological contract theory, this study examined the effects of the dark triad
of personality traits (Machiavellianism, narcissism, and psychopathy) on knowledge hiding …
of personality traits (Machiavellianism, narcissism, and psychopathy) on knowledge hiding …
Motivating information security policy compliance: The critical role of supervisor-subordinate guanxi and organizational commitment
Employees' non-compliance with organizational information security policy (ISP) when using
informational resources has become the main reason for continuous security incidents …
informational resources has become the main reason for continuous security incidents …
Security education, training, and awareness programs: Literature review
Security education, training, and awareness (SETA) is one of the most common and
prominent strategies for organizational security governance. However, only a small portion …
prominent strategies for organizational security governance. However, only a small portion …
Understanding inconsistent employee compliance with information security policies through the lens of the extended parallel process model
Organizational information security (ISec) threats have exploded with advances in
globalization and technology. Thus, organizations are scrambling to find both technical and …
globalization and technology. Thus, organizations are scrambling to find both technical and …
Employees' in-role and extra-role information security behaviors from the PE fit perspective
Organizations are increasingly seeking ways to encourage employee in-role and extra-role
information security (InfoSec) behaviors for enhancing organizational InfoSec. One …
information security (InfoSec) behaviors for enhancing organizational InfoSec. One …