The purpose of this paper is to examine the influence of security-related and employment relationship factors on employees’ security compliance decisions. A major challenge for organizations is encouraging employee compliance with security policies, procedures and guidelines. Specifically, we predict that security culture, job satisfaction and perceived organizational support have a positive effect on employees’ security compliance intentions.
This study used a survey approach for data collection. Data were collected using two online surveys that were administered at separate points in time.
Our results provide empirical support for security culture as a driver of employees’ security compliance in the workplace. Another finding is that an employee’s feeling of job satisfaction influences his/her security compliance intention, although this relationship appears to be contingent on the employee’s position, tenure and industry. Surprisingly, we also found a negative relationship between perceived organizational support and security compliance intention.
Our results provide one of the few empirical validations of security culture, and we recognize its multidimensional nature as conceptualized through top management commitment to security (TMCS), security communication and computer monitoring. We also extend security compliance research by considering the influence of employment relationship factors drawn from the organizational behavior literature.
An earlier version of this paper was presented at the Fifth Annual Symposium on Information Assurance (ASIA) on June 16-17, 2010 in Albany, New York, USA.
D'Arcy, J. and Greene, G. (2014), "Security culture and the employment relationship as drivers of employees’ security compliance", Information Management & Computer Security, Vol. 22 No. 5, pp. 474-489. https://doi.org/10.1108/IMCS-08-2013-0057Download as .RIS
Emerald Group Publishing Limited
Copyright © 2014, Emerald Group Publishing Limited