The organizational Relationship between Compliance and Information Security

Maurizio Cavallari

Risultato della ricerca: Contributo in rivistaArticolo in rivistapeer review

Abstract

Organizations continually experience losses, financial and otherwise, due to non-compliant behav- iour (Stanton et al., 2005). As managers must balance the task of motivating employees to comply, without imposing counter-productive forms of punishment for non-compliant behaviour, executing leadership in agreement with IT security policy and compliance is emerging as a challenge (D’Arcy et al., 2009). Information system security is an essential feature in most organizations today and compliance is one method of gaining visibility for processes and controls that ensure digital security, the orga- nizational aspect of which being explicit in the Information Security Plan (ISP). The purpose of this paper is to investigate the perceptions and beliefs held by employees and managers regarding compliance with their company’s ISP, by means of the identification of a set of constructs based on workplace culture, personal attitudes and the players (actors) involved. Fifteen variables have been used to build the constructs and this research, an empirical investigation of a set of 7 hypotheses, has been conducted by means of a questionnaire and presents the confirmation of these hypotheses, along with other significant findings, as its conclusions.
Lingua originaleEnglish
pagine (da-a)63-76
Numero di pagine14
RivistaINTERNATIONAL JOURNAL OF THE ACADEMIC BUSINESS WORLD
Volume5
Stato di pubblicazionePubblicato - 2011
Pubblicato esternamente

Keywords

  • ISS
  • analysis
  • compliance
  • empirical
  • information systems security
  • organisation

Fingerprint

Entra nei temi di ricerca di 'The organizational Relationship between Compliance and Information Security'. Insieme formano una fingerprint unica.

Cita questo