T. Sommestad, J. Hallberg, K. Lundholm, and J. Bengtsson, Variables influencing information security policy compliance, Information Management & Computer Security, vol.22, issue.1, pp.42-75, 2014.
DOI : 10.1108/IMCS-08-2012-0045

A. Veiga, . Da, and J. Eloff, A framework and assessment instrument for information security culture, Computers & Security, vol.29, issue.2, pp.196-207, 2009.
DOI : 10.1016/j.cose.2009.09.002

D. Lacey, Understanding and transforming organizational security culture, Information Management & Computer Security, vol.18, issue.1, pp.4-13, 2010.
DOI : 10.1108/09685221011035223

G. Hofstede, National cultures, organizational cultures, and the role of management Values and Ethics for the 21st Century, pp.385-403, 2011.

M. Fishbein and I. Ajzen, Predicting and Changing Behavior: The Reasoned Action Approach, 2010.

I. Ajzen, The theory of planned behavior, Organizational Behavior and Human Decision Processes, vol.50, issue.2, pp.179-211, 1991.
DOI : 10.1016/0749-5978(91)90020-T

M. Fishbein, Theory of Reasoned Action, Nebraska Symp. Motiv, vol.27, pp.65-116, 1979.
DOI : 10.4135/9781412952576.n209

T. Sommestad and J. Hallberg, A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance, International Information Security and Privacy Conference, 2013.
DOI : 10.1037/0882-7974.9.1.126
URL : https://hal.archives-ouvertes.fr/hal-01463832

W. Verbeke, M. Volgering, and M. Hessels, Exploring the Conceptual Expansion within the Field of Organizational Behaviour: Organizational Climate and Organizational Culture, Journal of Management Studies, vol.35, issue.3, pp.303-329, 1998.
DOI : 10.1111/1467-6486.00095

K. Thomson and R. Von-solms, Information security obedience: a definition, Computers & Security, vol.24, issue.1, pp.69-75, 2005.
DOI : 10.1016/j.cose.2004.10.005

S. Furnell and K. Thomson, From culture to disobedience: Recognising the varying user acceptance of IT security, Computer Fraud & Security, vol.2009, issue.2, pp.5-10, 2009.
DOI : 10.1016/S1361-3723(09)70019-3

F. Karlsson, J. Åström, and M. Karlsson, Information security culture: State-of-the-art review between, 2000.

E. Schein, Coming to a new awareness of organizational culture, Sloan Manage. Rev, vol.25, 1984.

E. Schein, Preface Organizational culture and climate. pp. xi?xiii, 2012.

G. Hofstede, Dimensionalizing Cultures: The Hofstede Model in Context, Online Readings in Psychology and Culture, vol.2, issue.1, pp.1-26, 2011.
DOI : 10.9707/2307-0919.1014

F. J. Yammarino and F. Dansereau, Multilevel Issues in Organizational Culture and Climate Research The Handbook of Organizational Culture and Climate, pp.50-76, 2011.

J. Malcolmson, What is security culture? Does it differ in content from general organisational culture? 43rd Annual 2009 International Carnahan Conference on Security Technology, IEEE, pp.361-366, 2009.

T. Schlienger and S. Teufel, Information security culture-from analysis to change, IFIP TC11 International Conference on Information Security, 2003.

Q. Hu, T. Dinev, P. Hart, and D. Cooke, Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture*, Decision Sciences, vol.26, issue.6, pp.615-660, 2012.
DOI : 10.1111/j.1540-5915.2012.00361.x

T. M. Dugo, The insider threat to organizational information security: a sturctural model and empirical test, p.1345, 2007.

B. Mccoy, G. Stephens, and K. Stevens, An Investigation of the Impact of Corporate Culture on Employee Information Systems Security Behaviour, 2009.

T. Herath and H. R. Rao, Protection motivation and deterrence: a framework for security policy compliance in organisations, European Journal of Information Systems, vol.48, issue.8, pp.106-125, 2009.
DOI : 10.1145/1076211.1076238

S. Furnell, End-user security culture: A lesson that will never be learnt? Comput. Fraud Secur, pp.6-9, 2008.

F. W. Guldenmund, The use of questionnaires in safety culture research ??? an evaluation, Safety Science, vol.45, issue.6, pp.723-743, 2007.
DOI : 10.1016/j.ssci.2007.04.006

R. Flin, Measuring safety culture in healthcare: A case for accurate diagnosis, Safety Science, vol.45, issue.6, pp.653-667, 2007.
DOI : 10.1016/j.ssci.2007.04.003

O. Connor, P. O-'dea, A. Kennedy, Q. Buttrey, and S. E. , Measuring safety climate in aviation: A review and recommendations for the future, Saf. Sci, vol.49, pp.128-138, 2011.

J. C. Turner, Towards a cognitive redefinition of the social group, Social identity and intergroup relations, pp.15-40, 1982.

D. E. Leidner and M. Milovich, Middle Management and Information Systems Strategy: The Role of Awareness and Involvement, 2014 47th Hawaii International Conference on System Sciences, pp.4396-4405, 2014.
DOI : 10.1109/HICSS.2014.542

J. Niekerk, . Van, R. Solms, and . Von, An holistic framework for the fostering of an information security sub-culture in organizations, Information Security South Africa (ISSA), 2005.

L. J. Cronbach and R. J. Shavelson, My Current Thoughts on Coefficient Alpha and Successor Procedures, Educational and Psychological Measurement, vol.64, issue.3, pp.391-418, 2004.
DOI : 10.1177/0013164404266386

R. A. Peterson, A Meta-Analysis of Cronbach's Coefficient Alpha, Journal of Consumer Research, vol.21, issue.2, pp.381-391, 2014.
DOI : 10.1086/209405