Graduation Semester and Year
2017
Language
English
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Information Systems
Department
Information Systems and Operations Management
First Advisor
Jingguo Wang
Abstract
Motivating employees to comply with information security policies (ISP) is a major challenge for organizations. Employees who do not comply with these policies can impose a serious threat to the safety of organizational information assets. Information security scholars drawing upon several theories have investigated various factors that can help motivate employees to comply with the ISP. Among many factors, social influence proved to be an effective force in motivating employee compliance behavior. However, its role and various effects on employee ISP compliance as well as its utilization mechanisms have not been deeply investigated. This dissertation is a collection of three papers addressing a series of related questions including (1) through which psychological processes social influence may be internalized and then affect employee compliance; (2) how social influence, at both organizational micro and macro level, alter the effectiveness of well-established motivational rule-following models; and finally (3) how we can utilize social influence to successfully motivate employees to comply. Accordingly, the first essay focuses on how personal norms regarding ISP affect employee compliance. In particular, it examines how such norms are shaped and activated to motivate employee compliance. In addition, the second essay introduces a social contingency model proposing that the well-established rule-following approaches of command-and-control and self- 5 regulatory are contingent upon organizational rules ethical climate as well as employee susceptibility to interpersonal influence. Finally, the third essay discusses the role of collective responsibility and peer monitoring in motivating ISP compliance.
Keywords
Information Security Policy Compliance, Norm Activation Theory, Social Influence, Command-and-Control, Self-Regulatory, Susceptibility to Interpersonal Influence, Peer Monitoring, Collective Responsibility
Disciplines
Business | Management Information Systems
License
This work is licensed under a Creative Commons Attribution-NonCommercial-Share Alike 4.0 International License.
Recommended Citation
Yazdanmehr, Adel, "THREE ESSAYS ON INFORMATION SECURITY POLICY COMPLIANCE: THE ROLE OF SOCIAL INFLUENCE" (2017). Information Systems & Operations Management Dissertations. 18.
https://mavmatrix.uta.edu/infosystemsopmanage_dissertations/18
Comments
Degree granted by The University of Texas at Arlington