To read the full version of this content please select one of the options below:

Security culture and the employment relationship as drivers of employees’ security compliance

John D'Arcy (Department of Accounting and MIS, University of Delaware, Newark, Delaware, USA)
Gwen Greene (Department of Applied Information Technology, Towson University, Towson, Maryland, USA)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 10 November 2014

Downloads
2602

Abstract

Purpose

The purpose of this paper is to examine the influence of security-related and employment relationship factors on employees’ security compliance decisions. A major challenge for organizations is encouraging employee compliance with security policies, procedures and guidelines. Specifically, we predict that security culture, job satisfaction and perceived organizational support have a positive effect on employees’ security compliance intentions.

Design/methodology/approach

This study used a survey approach for data collection. Data were collected using two online surveys that were administered at separate points in time.

Findings

Our results provide empirical support for security culture as a driver of employees’ security compliance in the workplace. Another finding is that an employee’s feeling of job satisfaction influences his/her security compliance intention, although this relationship appears to be contingent on the employee’s position, tenure and industry. Surprisingly, we also found a negative relationship between perceived organizational support and security compliance intention.

Originality/value

Our results provide one of the few empirical validations of security culture, and we recognize its multidimensional nature as conceptualized through top management commitment to security (TMCS), security communication and computer monitoring. We also extend security compliance research by considering the influence of employment relationship factors drawn from the organizational behavior literature.

Keywords

Acknowledgements

An earlier version of this paper was presented at the Fifth Annual Symposium on Information Assurance (ASIA) on June 16-17, 2010 in Albany, New York, USA.

Citation

D'Arcy, J. and Greene, G. (2014), "Security culture and the employment relationship as drivers of employees’ security compliance", Information Management & Computer Security, Vol. 22 No. 5, pp. 474-489. https://doi.org/10.1108/IMCS-08-2013-0057

Publisher

:

Emerald Group Publishing Limited

Copyright © 2014, Emerald Group Publishing Limited