The Effect of Characteristics of Information Security Policy on Security Policy Compliance Intention of Employees

정보보안정책의 특성이 구성원들의 보안정책 준수 행위에 미치는 영향에 관한 연구

  • Received : 2012.11.14
  • Accepted : 2012.11.30
  • Published : 2013.01.31


There are two elements of security policy that can have a bearing on its effectiveness: content and form. While the content of the security policy has been investigated extensively in the most of the previous studies, there is very little literature on the form of the security policy. Since the form of the policy influences its success, it is important to understand how to articulate the form of a security policy. Thus, the aim of this study is to investigate the relationship between security form and policy compliance of employees. Research results find that dimensions of security form have effect on attitude towards security compliance, subjective norm, perceived behavioral control, and perceived response costs, and besides attitude towards security compliance and subjective norm have an effect on persistent security compliance intention. The conclusions and implications are discussed.