A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance

Abstract : The behaviour of employees influences information security in virtually all organisations. To inform the employees regarding what constitutes desirable behaviour, an information security policy can be formulated and communicated. However, not all employees comply with the information security policy. This paper reviews and synthesises 16 studies related to the theory of planned behaviour. The objective is to investigate 1) to what extent the theory explains information security policy compliance and violation and 2) whether reasonable explanations can be found when the results of the studies diverge. It can be concluded that the theory explains information security policy compliance and violation approximately as well as it explains other behaviours. Some potential explanations can be found for why the results of the identified studies diverge. However, many of the differences in results are left unexplained.
Type de document :
Communication dans un congrès
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.257-271, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_20〉
Liste complète des métadonnées

Littérature citée [40 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01463832
Contributeur : Hal Ifip <>
Soumis le : jeudi 9 février 2017 - 17:24:00
Dernière modification le : jeudi 9 février 2017 - 17:37:19
Document(s) archivé(s) le : mercredi 10 mai 2017 - 14:39:15

Fichier

978-3-642-39218-4_20_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Teodor Sommestad, Jonas Hallberg. A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.257-271, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_20〉. 〈hal-01463832〉

Partager

Métriques

Consultations de la notice

184

Téléchargements de fichiers

111