Details

Autor(en) / Beteiligte

• Pham, Hiep-Cong
• El-Den, Jamal
• Richardson, Joan

Titel

Stress-based security compliance model – an exploratory study

Ist Teil von

• Information and computer security, 2016-01, Vol.24 (4), p.326-347

Erscheinungsjahr

2016

Quelle

Alma/SFX Local Collection

Beschreibungen/Notizen

• Purpose This paper aims to extend current information security compliance research by adapting “work-stress model” of the extended Job Demands-Resources model to explore how security compliance demands, organization and personal resources influence end-user security compliance. The paper proposes that security compliance burnout and security engagement as the mediating factors between security compliance demands, organizational and personal resources and individual security compliance. Design/methodology/approach The authors used a multi-case in-depth interview method to explore the relevance and significance of security demands, organizational resources and personal resources on security compliance at work. Seventeen participants in three organizations including a bank, a university and an oil distribution company in Vietnam were interviewed during a four-month period. Findings The study identified three security demands, three security resources and two aspects of personal resources that influence security compliance. The study demonstrates that the security environment factors such as security demands and resources affected compliance burden and security engagement. Personal resources could play an integral role in moderating the impact of security environment on security compliance. Research limitations/implications The findings presented are not generalizable to the wider population of end-users in Vietnam due to the small sample size used in the interviews. Further quantitative studies need to measure the extent of each predictor on security compliance. Originality/value The originality of the research stems from proposing not only stress-based but also motivating factors from the security environment on security compliance. By using qualitative approach, the study provides more insight to understand the impact of the security environments on security compliance.