Skip to Main content Skip to Navigation
Conference papers

Social Groupings and Information Security Obedience Within Organizations

Abstract : Individuals’ compliance with information security policies is important for the overall security of organizations. It has been suggested that obedience cultures exist in organizations and that social processes and structures play a role for the compliance intentions and compliance behavior of individuals. This paper investigates if individuals’ compliance intention is more homogenous within social groups in the workplace than they are within the workplace overall workplace and the effect these groups have are in line with the theory of planned behavior. The results show that a considerable portion of variance in information security policy compliance intentions is explained by the respondents’ organizational department (15%), professional knowledge area (17%), and the same lunch room (18%). While sizeable and significant effects can be found on intentions the effects on attitudes, norm and perceived behavior control are less clear. The only statistically significant (p<0.05) effect is from department on attitudes and perceived norm, each with 6% explained variance. This suggests that the theory of planned behavior fails to account for factors tied to these types of social groups.
Document type :
Conference papers
Complete list of metadata

Cited literature [31 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, July 13, 2016 - 11:03:26 AM
Last modification on : Wednesday, July 13, 2016 - 11:18:42 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Teodor Sommestad. Social Groupings and Information Security Obedience Within Organizations. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.325-338, ⟨10.1007/978-3-319-18467-8_22⟩. ⟨hal-01345118⟩



Record views


Files downloads