In today’s world, information security is a trending as well as a crucial topic for both individuals and organizations. Experts believe that nothing can guarantee any system’s security unless humans’ information security behavior is taken under consideration. Opening an e-mail attachment without checking its source, sharing account information with other people and browsing websites without checking its reliability can be considered as common mistakes in information security behavior. This study examines the factors affecting information security behavior by scrutinising its relationship with different variables which are information knowledge sharing, information security organization policy, the intention of attending information security training and self-efficacy. The present study extensively analyses the data collected from a survey of 630 people ranging from students to managers aged between 15 to 79 in order to generalize the Turkish context. The results of reliability measures and confirmatory factor analysis support the scale of the study. The present study’s findings show that there is a positive relationship between the factors mentioned above and information security behavior.
DOCUMENT
In this paper we research the following question: What motivational factors relate, in which degree, to intentions on compliance to ISP and how could these insights be utilized to promote endusers compliance within a given organization? The goal of this research is to provide more insight in the motivational factors applicable to ISP and their influence on end-user behavior, thereby broadening knowledge regarding information systems security behaviors in organizations from the viewpoint of non-malicious abuse and offer a theoretical explanation and empirical support. The outcomes are also useful for practitioners to complement their security training and awareness programs, in the end helping enterprises better effectuate their information security policies. In this study an instrument is developed that can be used in practice to measure an organizational context on the effects of six motivational factors recognized. These applicable motivational factors are determined from literature and subsequently evaluated and refined by subject matter experts. A survey is developed, tested in a pilot, refined and conducted within four organizations. From the statistical analysis, findings are reported and conclusions on the hypothesis are drawn. Recommended Citation Straver, Peter and Ravesteyn, Pascal (2018) "End-users Compliance to the Information Security Policy: A Comparison of Motivational Factors," Communications of the IIMA: Vol. 16 : Iss. 4 , Article 1. Available at: https://scholarworks.lib.csusb.edu/ciima/vol16/iss4/1
MULTIFILE
Worldwide there is a lack of well-educated and experienced information security specialists. The first step to address this issue is arranging enough people with a well-known and acceptable basic level of information security competences. However, there might be a lot of information security education and training, but there is anything but a well-defined outflow level with a known and acceptable basic level of information security competences. There exists a chaotic situation in respect of the qualification of information security professionals, with the emergence of a large number of difficult to compare certificates and job titles. Apparently the information security field requires uniform qualifications that are internationally recognized. Such qualifications could be an excellent way of unambiguously clarifying the knowledge and skills of information security professionals. Furthermore it gives educational institutions a framework which facilitates the development of appropriate information security education and training.
DOCUMENT