Protection motivation and deterrence: a framework for security policy compliance in organisations
Indexed incrossref
Abstract
Enterprises establish computer security policies to ensure the security of information resources; however, if employees and end-users of organisational information systems (IS) are not keen or are unwilling to follow security policies, then these efforts are in vain. Our study is informed by the literature on IS adoption, protection-motivation theory, deterrence theory, and organisational behaviour, and is motivated by the fundamental premise that the adoption of information security practices and policies is affected by organisational, environmental, and behavioural factors. We develop an Integrated Protection Motivation and Deterrence model of security policy compliance under the umbrella of Taylor-Todd's…
Citation impact
1,223
total citations
- FWCI
- 69.09
- Percentile
- 100%
- References
- 87
Citations per year
Authors
2Topics & keywords
Topics
Keywords
- Deterrence theory
- Information security
- Compliance (psychology)
- Business
- Information systems security
- Premise
- Information security management
- Public relations
UN Sustainable Development Goals
- Peace, Justice and strong institutions
No related works found for this paper.