Issue No.02 - February (2010 vol.43)
Seppo Pahnila , University of Oulu, Finland
Mikko Siponen , University of Oulu, Finland
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2010.35
The insignificant relationship between rewards and actual compliance with information security policies does not make sense. Quite possibly this relationship results from not applying rewards for security compliance.
Information security policy, Security, Deterrence theory, Protection motivation theory, Security and privacy
Seppo Pahnila, Mikko Siponen, "Compliance with Information Security Policies: An Empirical Investigation", Computer, vol.43, no. 2, pp. 64-71, February 2010, doi:10.1109/MC.2010.35