The organizational Relationship between Compliance and Information Security

Maurizio Cavallari

Risultato della ricerca: Contributo in rivistaArticolo in rivistapeer review


Organizations continually experience losses, financial and otherwise, due to non-compliant behav- iour (Stanton et al., 2005). As managers must balance the task of motivating employees to comply, without imposing counter-productive forms of punishment for non-compliant behaviour, executing leadership in agreement with IT security policy and compliance is emerging as a challenge (D’Arcy et al., 2009). Information system security is an essential feature in most organizations today and compliance is one method of gaining visibility for processes and controls that ensure digital security, the orga- nizational aspect of which being explicit in the Information Security Plan (ISP). The purpose of this paper is to investigate the perceptions and beliefs held by employees and managers regarding compliance with their company’s ISP, by means of the identification of a set of constructs based on workplace culture, personal attitudes and the players (actors) involved. Fifteen variables have been used to build the constructs and this research, an empirical investigation of a set of 7 hypotheses, has been conducted by means of a questionnaire and presents the confirmation of these hypotheses, along with other significant findings, as its conclusions.
Lingua originaleEnglish
pagine (da-a)63-76
Numero di pagine14
Stato di pubblicazionePubblicato - 2011
Pubblicato esternamente


  • ISS
  • analysis
  • compliance
  • empirical
  • information systems security
  • organisation


Entra nei temi di ricerca di 'The organizational Relationship between Compliance and Information Security'. Insieme formano una fingerprint unica.

Cita questo