To read this content please select one of the options below:

Why users (fail to) read computer usage policies

C. Bryan Foltz (Department of Computer Science and Information Systems, University of Tennessee at Martin, Martin, Tennessee, USA)
Paul H. Schwager (Department of Management Information Systems, East Carolina University, Greenville, North Carolina, USA)
John E. Anderson (Department of Information Systems and Technology, Utah Valley University, Orem, Utah, USA)

Industrial Management & Data Systems

ISSN: 0263-5577

Article publication date: 27 June 2008




This paper aims to improve understanding of individuals' awareness and perceptions of computer usage policies (CUPs) and why individuals elect not to read these policies.


MBA students were asked to complete an online survey evaluating their behavioral intention to read CUPs, as well as their performance of this behavior. Factors contributing to the intention to read policies were also examined. The resulting data were analyzed with Smart PLS.


Results suggest that three factors influence individual intention to read CUPs. These factors include attitude, apathy, and social trust. The model explained about 70 percent of individual intention to read CUPs and about 44 percent of the variability in actually reading these policies.

Research limitations/implications

The sample is limited to MBA students from a single university.

Practical implications

Although written policy statements are often considered the cornerstone of computer security, many individuals elect not to read these policies. Thus, other methods of communication must be used.


This paper examines the reasons individuals elect not to read CUPs. Given the importance of these policies as deterrents to information systems misuse and computer crime, understanding why individuals fail to read policies is a critical first step in enhancing user knowledge of computer security.



Bryan Foltz, C., Schwager, P.H. and Anderson, J.E. (2008), "Why users (fail to) read computer usage policies", Industrial Management & Data Systems, Vol. 108 No. 6, pp. 701-712.



Emerald Group Publishing Limited

Copyright © 2008, Emerald Group Publishing Limited

Related articles