The Community for Technology Leaders
RSS Icon
Issue No.02 - February (2010 vol.43)
pp: 64-71
Mikko Siponen , University of Oulu, Finland
Seppo Pahnila , University of Oulu, Finland
M. Adam Mahmood , University of Texas at El Paso
The insignificant relationship between rewards and actual compliance with information security policies does not make sense. Quite possibly this relationship results from not applying rewards for security compliance.
Information security policy, Security, Deterrence theory, Protection motivation theory, Security and privacy
Mikko Siponen, Seppo Pahnila, M. Adam Mahmood, "Compliance with Information Security Policies: An Empirical Investigation", Computer, vol.43, no. 2, pp. 64-71, February 2010, doi:10.1109/MC.2010.35
1. S. Hinde, "Security Surveys Spring Crop," C omputers & Security, vol. 21, no. 4, 2002, pp. 310-321.
2. G. Dhillon and J. Backhouse, "Current Directions in Information Security Research: Toward Socio-Organizational Perspectives," Information Systems J., vol. 11, no. 2, 2001, pp. 127-153.
3. J.M. Stanton et al., "An Analysis of End User Security Behaviors," Computers & Security, vol. 24, 2005, pp. 124-133.
4. P. Puhakainen, "A Design Theory for Information Security Awareness," Acta Universitatis Ouluensis, Scientiae Rerum Naturalium (A 463), doctoral dissertation, ISBN 951-42-8113-6, 2006.
5. S. Pahnila, M.T. Siponen, and M.A. Mahmood, "Which Factors Explain Employees' Adherence to Information Security Policies? An Empirical Study," Proc. Pacific Asia Conf. Information Systems (PACIS 07), 2007, pp. 1-12.
6. M.T. Siponen, S. Pahnila, and M.A. Mahmood, "Employees' Behavior Towards IS Security Policy Compliance," Proc. 40th Ann. Hawaii Int'l. Conf. System Sciences (HICSS-40), IEEE CS Press, 2007, p. 1561.
7. J.F.J. Hair et al., Multivariate Data Analysis, Pearson Prentice Hall, 2006.
8. J.C. Nunnally, Introduction to Psychological Measurement, McGraw-Hill, 1970.
9. I. Ajzen, "The Theory of Planned Behavior," Organizational Behavior and Human Decision Processes, vol. 50, no. 2, 1991, pp. 179-211.
10. R.W. Rogers, "Cognitive and Physiological Processes in Fear Appeals and Attitude Change: A Revised Theory of Protection Motivation Theory," Social Psychophysiology, J. Cacioppo, and R. Petty eds., Guilford Press, 1983, pp. 153-176.
11. R.W. Rogers, and S. Prentice-Dunn, "Protection Motivation Theory," Handbook of Health Behavior Research I: Personal and Social Determinants, D.S. Gochman ed., Plenum Press, 1997, pp. 113-132.
12. S. Rippetoe, and R.W. Rogers, "Effects of Components of Protection-Motivation Theory on Adaptive and Maladaptive Coping with a Health Threat," J. Personality and Social Psychology, vol. 52, no. 3, 1987, pp. 596-604.
13. A. Forget, S. Chiasson, and R. Biddle, "Persuasion as Education for Computer Security," Proc. E-Learn 2007, AACE, 2007, pp. 822-829.
14. A. Bandura, "Self-Efficacy: Toward a Unifying Theory of Behaviour Change," Psychological Rev., vol. 84, no. 2, 1977, pp. 191-215.
15. G.E. Higgins, A.L. Wilson, and B.D. Fell, "An Application of Deterrence Theory to Software Piracy," J. Criminal Justice and Popular Culture, vol. 12, no. 3, 2005, pp. 166-184.
16. J. Cameron and W. Pierce, Rewards and Intrinsic Motivation, Bergin & Garvey, 2002.
17. M. Fishbein and I. Ajzen, Belief, Attitude, Intention and Behavior: An Introduction to Theory and Research, Addison-Wesley, 1975.
18. V. Venkatesh et al., "User Acceptance of Information Technology: Toward a Unified View," MIS Quarterly, vol. 27, no. 3, 2003, pp. 425-478.
3 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool