To read this content please select one of the options below:

How different rewards tend to influence employee non-compliance with information security policies

Rima Khatib (Department of Business Technology Management, Wilfrid Laurier University – Brantford Campus, Brantford, Canada)
Henri Barki (Ecole des Hautes Etudes Commerciales, Montreal, Canada)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 9 August 2021

Issue publication date: 31 January 2022

583

Abstract

Purpose

To help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist among the variables that explain employee non-compliance. In an effort to provide evidence for this possibility, this paper aims to better explain why employees routinely engage in non-compliant behaviors by examining the direct and interactive effects of employees’ perceived costs and rewards of compliance and non-compliance on their routinized non-compliant behaviors.

Design/methodology/approach

Based on rational choice theory, this study used 16 hypothetical scenarios in an experimental survey, collecting data from 326 respondents and analyzing them via structural equation modeling and a four-way factorial experiment.

Findings

The results suggest that routinized non-compliance of employees is more strongly influenced by the rewards than the costs they perceive in their non-compliance. Further, employees’ routinized non-compliance behavior was found to be positively influenced by an interactive effect of perceived rewards of compliance when their perceptions of their non-compliance costs and rewards were both high and low.

Originality/value

This paper’s key contribution is to suggest that non-compliance behavior is influenced by direct and interactive effects of perceived rewards of compliance and non-compliance.

Keywords

Citation

Khatib, R. and Barki, H. (2022), "How different rewards tend to influence employee non-compliance with information security policies", Information and Computer Security, Vol. 30 No. 1, pp. 97-116. https://doi.org/10.1108/ICS-01-2021-0008

Publisher

:

Emerald Publishing Limited

Copyright © 2021, Emerald Publishing Limited

Related articles