The Mitigation of Information Security Related Technostress and Compliance Intention

조직 내 정보보안 기술스트레스 완화와 준수의도

  • Received : 2020.01.10
  • Accepted : 2020.02.01
  • Published : 2020.03.31


Purpose As information management grows in importance around the world, organizations are investing in information security technology. However, the higher the level of information security technology in an organization, the higher the techno-stress of employees. The purpose of this study is to suggest stress factors related to information security technology that affect the reduction of employees' intention to comply with information security and to suggest ways to alleviate stress. Design/methodology/approach The research presented a model for mitigating technical stress related to information security based on technical stress theory and person-organization fit theory. 346 questionnaire data were analyzed from the members of the organization who applied the information security technology, and the research hypothesis was verified through the structural equation modeling. Findings The hypothesis test confirms that security-related techno-stress reduces the information security compliance intention of employees, organizational technical support mitigates technical stress, and person-organization fitness mitigates the negative relationship between techno-stress and compliance intention. The results of the study contribute to the organization's strategy for minimizing the reduction of the information security compliance intention of employees, and are meaningful in that the theoretical basis for mitigating techno-stress is provided in the field of information security.


Supported by : 한국연구재단


  1. 유인진, 박도형 "중소기업 프로파일링 분석을 통한 기술유출 방지 및 보호 모형 연구," 정보시스템연구, 제27권, 제1호, 2018, pp. 171-191.
  2. 황인호, 김승욱, "조직원의 정보보안 관련 업무 스트레스에 대한 억제 및 업무대처에 대한 연구: 금융 비즈니스를 중심으로," e-비즈니스연구, 제18권, 제3호, 2017, pp. 147-165.
  3. 황인호, 김상현, "SCO Framework 을 적용한 조직과 조직원의 정보보안 준수 관계 연구," 정보시스템연구, 제28권, 제4호, 2019, pp. 105-129.
  4. Alniacik, E., Alniacik, U., Erat, S., and Akcin, K., "Does Person - Organization Fit Moderate the Effects of Affective Commitment and Job Satisfaction on Turnover Intentions?," Procedia-Social and Behavioral Sciences, Vol. 99, 2013, pp. 274-281.
  5. Andrews, M. C., Baker, T., and Hunt, T. G., "Values and Person-Organization Fit: Does Moral Intensity Strengthen Outcomes?," Leadership & Organization Development Journal, Vol. 32, No.1, 2011, pp. 5-19.
  6. Ayyagari, R., Grover, V., and Purvis, R., "Technostress: Technological Antecedents and Implications," MIS Quarterly, Vol. 35, No. 4, 2011, pp. 831-858.
  7. Brod, C., Technostress: The Human Cost of the Computer Revolution. Reading, MA: Addison-Wesley, 1984.
  8. Bulgurcu, B., Cavusoglu, H., and Benbasat, I., "Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness," MIS Quarterly, Vol. 34, No. 3, 2010, pp. 523-548.
  9. Cable, D. M., and Judge, T. A., "Person-Organization Fit, Job Choice Decisions, and Organizational Entry," Organizational Behavior and Human Decision Processes, Vol. 67, No. 3, 1996, pp. 294-311.
  10. Chen, Y., Ramamurthy, K., and Wen, K. W., "Organizations' Information Security Policy Compliance: Stick or Carrot Approach?," Journal of Management Information Systems, Vol. 29, No.3, 2012, pp. 157-188.
  11. D'Arcy, J., Herath, T., and Shoss, M. K., "Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective," Journal of Management Information Systems, Vol. 31, No. 2, 2014, pp. 285-318.
  12. D'Arcy, J., Hovav, A., and Galletta, D., "User Awareness of Security Countermeasures and its Impact on Information Systems Misuse: A Deterrence Approach," Information Systems Research, Vol. 20, No. 1, 2009, pp.79-98.
  13. D'Arcy, J., and Teh, P. L., "Predicting Employee Information Security Policy Compliance on a Daily Basis: The Interplay of Security-Related Stress, Emotions, and Neutralization," Information & Management, Vol. 56, No. 7, 2019, 103151.
  14. Dawson, J. F., "Moderation in Management Research: What, Why, When and How," Journal of Business and Psychology, Vol. 29, No. 1, 2014, pp. 1-19.
  15. Fornell, C., and Larcker, D. F., "Evaluating Structural Equation Models with Unobservable Variables and Measurement Error," Journal of Marketing Research, Vol. 18, No. 1, 1981, pp. 39-50.
  16. French, J. R. P., Caplan, R. D., and Harrison, R. V., The Mechanisms of Job Stress and Strain. New York: Wiley, 1982.
  17. Fuglseth, A. M., and Sorebo, O., "The Effects of Technostress within the Context of Employee Use of ICT," Computers in Human Behavior, Vol. 40, 2014, pp. 161-170.
  18. Galluch, P. S., Grover, V., and Thatcher, J. B., "Interrupting the Workplace: Examining Stressors in an Information Technology Context," Journal of the Association for Information Systems, Vol. 16, No. 1, 2015, pp. 1-47.
  19. Gaudioso, F., Turel, O., and Galimberti, C., "The Mediating Roles of Strain Facets and Coping Strategies in Translating Techno-Stressors into Adverse Job Outcomes," Computers in Human Behavior, Vol. 69, 2017, pp. 189-196.
  20. Grandviewresearch, Cyber Security Market Size, Share & Trends Analysis Report By Component, By Security Type, By Solution, By Service, By Deployment, By Organization, By Application, And Segment Forecasts, 2019 - 2025, 2019.
  21. Guo, K. H., and Yuan, Y., "The Effects of Multilevel Sanctions on Information Security Violations: A Mediating Model," Information & Management, Vol. 49, No. 6, 2012, pp. 320-326.
  22. Guo, K. H., Yuan, Y., Archer, N. P., and Connelly, C. E., "Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model," Journal of Management Information Systems, Vol. 28, No. 2, 2011, pp. 203-236.
  23. Herath, T., and Rao, H. R., "Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness," Decision Support Systems, Vol. 47, No. 2, 2009, pp. 154-165.
  24. Hung, W. H., Chen, K., and Lin, C. P., "Does the Proactive Personality Mitigate the Adverse Effect of Technostress on Productivity in the Mobile Environment?," Telematics and Informatics, Vol. 32, No. 1, 2015, pp. 143-157.
  25. Hwang, I., and Cha, O., "Examining Technostress Creators and Role Stress as Potential Threats to Employees' Information Security Compliance," Computers in Human Behavior, Vol. 81, 2018, pp. 282-293.
  26. Hwang, I., Kim, D., Kim, T., and Kim, S., "Why Not Comply with Information Security? An Empirical Approach for the Causes of Non-compliance," Online Information Review, Vol. 41, No. 1, 2017, pp.2-18.
  27. Hwang, I. H., and Lee, H. Y., "The Employee's Information Security Policy Compliance Intention: Theory of Planned Behavior, Goal Setting Theory, and Deterrence Theory Applied," Journal of Digital Convergence, Vol. 14, No. 7, 2016, pp. 155-166.
  28. Hwang, I., Wakefield, R., Kim, S., and Kim, T., "Security Awareness: The First Step in Information Security Compliance Behavior," Journal of Computer Information Systems, 2019, pp. 1-12.
  29. Jena, R. K., "Technostress in ICT Enabled Collaborative Learning Environment: An Empirical Study among Indian Academician," Computers in Human Behavior, Vol. 51, 2015, pp. 1116-1123.
  30. Kristof, A. L., "Person-Organization Fit: An Integrative Review of its Conceptualizations, Measurement, and Implications," Personnel Psychology, Vol. 49, 1996, pp. 1-49.
  31. Kristof-Brown, A. L., Zimmerman, R. D., Johnson, E. C., and Henry, B., "Consequences of Individuals' Fit at Work: A Meta-Analysis of Person-Job, Person-Organization, Person-Group, and Person-Supervisor Fit," Personnel Psychology, Vol. 58, No. 2, 2005, pp. 281-342.
  32. Lauver, K. J., and Kristof-Brown, A., "Distinguishing Between Employees' Perceptions of Person-Job and Person-Organization Fit," Journal of Vocational Behavior, Vol. 59, No. 3, 2001, pp. 454-470.
  33. Little, T. D., Card, N. A., Bovaird, J. A., Preacher, K. J., and Crandall, C. S., "Structural Equation Modeling of Mediation and Moderation with Contextual Factors," Modeling Contextual Effects in Longitudinal Studies, Vol. 1, 2007, pp. 207-230.
  34. Loch, K. D., Carr, H. H., and Warkentin, M. E., "Threats to Information Systems: Today's Reality, Yesterday's Understanding," MIS Quarterly, Vol. 16, No. 2, 1992, pp.173-186.
  35. Netemeyer, R. G., Boles, J. S., McKee, D. O., and McMurrian, R., "An Investigation into the Antecedents of Organizational Citizenship Behaviors in a Personal Selling Context," Journal of Marketing, Vol. 61, No. 3, 1997, pp. 85-98.
  36. Nunnally, J. C., Psychometric theory (2nd ed.). New York: McGraw-Hill, 1978.
  37. Oh, S. T., and Park, S., "A Study of the Connected Smart Worker's Techno-stress," Procedia Computer Science, Vol. 91, 2016, pp. 725-733.
  38. Podsakoff, P. M., MacKenzie, S. B., Lee, J. Y., and Podsakoff, N. P., "Common Method Biases in Behavioral Research: A Critical Review of the Literature and Recommended Remedies," Journal of Applied Psychology, Vol. 88, No. 5, 2003, pp. 879-903.
  39. Ragu-Nathan, T. S., Tarafdar, M., Ragu-Nathan, B. S., and Tu, Q., "The Consequences of Technostress for End Users in Organizations: Conceptual Development and Empirical Validation," Information Systems Research, Vol. 19, No. 4, 2008, pp. 417-433.
  40. Ruiz-Palomino, P., and Martinez-Canas, R., "Ethical Culture, Ethical Intent, and Organizational Citizenship Behavior: The Moderating and Mediating Role of Person-Organization Fit," Journal of Business Ethics, Vol. 120, No. 1, 2014, pp. 95-108.
  41. Safa, N. S., Maple, C., Furnell, S., Azad, M. A., Perera, C., Dabbagh, M., and Sookhak, M., "Deterrence and Prevention Based Model to Mitigate Information Security Insider Threats in Organisations," Future Generation Computer Systems, Vol. 97, 2019, pp.587-597.
  42. Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., and Herawan, T., "Information Security Conscious Care Behaviour Formation in Organizations," Computers and Security, Vol. 53, pp. 65-78, 2015.
  43. Safa, N. S., Von Solms, R., and Futcher, L., "Human Aspects of Information Security in Organisations," Computer Fraud & Security, Vol. 2016, No. 2, 2016, pp. 15-18.
  44. Siponen, M., Pahnila, S., and Mahmood, M. A., "Compliance with Information Security Policies: An Empirical Investigation," Computer, Vol. 43, No. 2, 2010, pp.64-71.
  45. Sommestad, T., Hallberg, J., Lundholm, K., and Bengtsson, J., "Variables Influencing Information Security Policy Compliance: A Systematic Review of Quantitative Studies," Information Management & Computer Security, Vol. 22, No. 1, 2014, pp. 42-75.
  46. Steinbart, P. J., Raschke, R. L., Gal, G., and Dilla, W. N., "The Influence of a Good Relationship between the Internal Audit and Information Security Functions on Information Security Outcomes," Accounting, Organizations and Society, Vol. 71, 2018, pp. 15-29.
  47. Tarafdar, M., Bolman Pullins, E., and Ragu-Nathan, T. S., "Examining Impacts of Technostress on the Professional Salesperson's Behavioral Performance," Journal of Personal Selling & Sales Management, Vol. 34, No. 1, 2014, pp. 51-69.
  48. Tarafdar, M., Pullins, E. B., and Ragu-Nathan, T. S., "Technostress: Negative Effect on Performance and Possible Mitigations," Information Systems Journal, Vol. 25, No. 2, 2015, pp. 103-132.
  49. Tarafdar, M., Tu, Q., Ragu-Nathan, B. S., and Ragu-Nathan, T. S., "The Impact of Technostress on Role Stress and Productivity," Journal of Management Information Systems, Vol. 24, No. 1, 2007, pp. 301-328.
  50. Tarafdar, M., Tu, Q., Ragu-Nathan, T. S., and Ragu-Nathan, B. S., "Crossing to the Dark Side: Examining Creators, Outcomes, and Inhibitors of Technostress," Communications of the ACM, Vol. 54, No. 9, 2011, pp. 113-120.
  51. Valentine, S., Godkin, L., and Lucero, M., "Ethical Context, Organizational Commitment, and Person-Organization Fit," Journal of Business Ethics, Vol. 41, No. 4, 2002, pp. 349-360.
  52. Vance, A., Siponen, M., and Pahnila, S., "Motivating IS Security Compliance: Insights from Habit and Protection Motivation Theory," Information & Management, Vol. 49, No. 3, 2012, pp. 190-198.
  53. Verizon, Verizon 2019 Data Breach Investigations Report, 2019.
  54. West, R., "The Psychology of Security," Communications of the ACM, Vol. 51, No. 4, 2008, pp. 34-40.
  55. Wheeler, A. R., Coleman Gallagher, V., Brouer, R. L., and Sablynski, C. J., "When Person-Organization (mis) Fit and (dis) Satisfaction Lead to Turnover: The Moderating Role of Perceived Job Mobility," Journal of Managerial Psychology, Vol. 22, No. 2, 2007, pp. 203-219.
  56. Wixom, B. H., and Watson, H. J., "An Empirical Investigation of the Factors Affecting Data Warehousing Success," MIS Quarterly, Vol. 25, No. 1, 2001, pp. 17-41.
  57. Yan, Z., Guo, X., Lee, M. K., and Vogel, D. R., "A Conceptual Model of Technology Features and Technostress in Telemedicine Communication," Information Technology & People, Vol. 26, No. 3, 2013, pp. 283-297.