• Title/Summary/Keyword: policy compliance

Search Result 297, Processing Time 0.027 seconds

A Study on the Influence of Information Security Compliance Intention of Employee: Theory of Planned Behavior, Justice Theory, and Motivation Theory Applied (조직원의 정보보안 정책 준수의도에 미치는 영향 연구: 계획된 행동이론, 공정성이론, 동기이론의 적용)

  • Hwang, In-Ho;Hu, Sung-Ho
    • Journal of Digital Convergence
    • /
    • v.16 no.3
    • /
    • pp.225-236
    • /
    • 2018
  • Organizations continue to invest in the security of information technology as a means to be more competitive than others in their industry do. However, there is a relatively lack of interest in the information security compliance of employees who implement information security technologies and policies of organization. This study finds mechanisms for enhancing security compliance by applying theory of planned behavior, justice theory, and motivation theory in information security field. We use structural equation modeling to verify the research hypotheses, and conducted a survey on the employees of organization with information security policy. The results showed that organizational justice, sanction, and organizational identification affect the factors of the planned behavior theory and affect the employee's compliance intention. As a result, this research suggested directions for strategic approach for enhancing employee's compliance intention on organization's security policy.

A Study on the Effects of Information Security Policy Types and Information Security Stress on Information Security Behavior (정보보안 정책 유형과 보안 스트레스가 정보보안 행동에 미치는 영향에 대한 연구)

  • Lee Kwang Ho;Jung Chan gi
    • Convergence Security Journal
    • /
    • v.22 no.1
    • /
    • pp.113-120
    • /
    • 2022
  • Despite the limitations of existing security policies due to technological development, companies are unable to actively respond to changes by maintaining a closed security policy. This study classified information security policy into three types: regulatory type policy, advisory type policy, and informative type policy. For each classified policy type, the effect on the information security policy compliance behavior of organizational members was investigated by applying the extended theory of planned behavior, and the moderating effect of information security stress was investigated. SmartPLS 2.0 and SPSS 21.0, which are structural equation modeling techniques, were used to analyze the relationship affecting each factor. As a result of the study, regulatory type, advisory type, and informative type security policies affected organizational members' information security policy compliance behavior, and security stress had an effect on information security compliance attitudes and subjective norms on information security, which are prerequisites for planned behavior theory. gave. This study suggests that various types of corporate information security policies can be applied and that security stress can affect information security behaviors of members.

Effects of Biased Awareness of Security Policies on Security Compliance Behavior (보안정책에 대한 편향적 사고가 보안준수 행동에 미치는 영향)

  • Heo, Jun;Ahn, Seongjin
    • The Journal of Korean Association of Computer Education
    • /
    • v.23 no.1
    • /
    • pp.63-75
    • /
    • 2020
  • From the perspective of compliance with security policies by members of the organization, which is a major cause of security incidents, this study presented biased thinking as factors that affect compliance with security policies and verified the following: First, the impact of biased thinking on security policies on compliance with security policies is verified. Second, the participation of management, perceived risk, education and punishment of management will verify the adjustment effect of increasing or decreasing biased thinking. Finally, we have verified that compliance attitudes have a significant impact on compliance behavior. To this end, 157 people were surveyed, statistical analysis of research models and structural equations, and conformity analysis were conducted. Studies have shown that biased thinking has a negative effect on the attitude of compliance with information security. In addition, it was analyzed that the attitude of compliance with information security policy increases policy compliance behavior. On the other hand, the higher the perceived risk of information security, the lower the bias was the adjustment effect, but management's participation, education and punishment were found to have no adjustment effect.

Analysis of The Effects of Information Security Policy Sanction, Perceived Threat, and Perception of Information Security Climate on Compliance Behavioral Intention: Focursing on Prospect and Goal Orientation (정보 보안 제재성과 위협 인식, 분위기 인식이 준수 행동 의도성에 미치는 영향 분석: 전망 관점과 목표 지향 관점을 중심으로)

  • Hu, Sung Ho;Hwang, In-Ho
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.22 no.1
    • /
    • pp.595-602
    • /
    • 2021
  • This study evaluates the impact of an information security policy sanction, a perceived threat, and the perception of the information security climate on a compliance behavioral intention. The research method was structured with a cross-sectional study design for the prospect and goal orientation. The variables used in the analysis are information security policy sanction, perceived threat, perception of information security climate, and compliance behavioral intention. Progress in this research consists of measuring the prospect and goal orientation, and then measuring the four variables. As a result, the prospect had a significant effect on the perception of the information security climate, and it was found that the influence of the gain-based condition was greater than the loss-based condition. Goal orientation had a significant effect on the information security policy sanction, the perceived threat, and the compliance behavioral intention, and the influence of the development-based condition was greater than the stability-based condition. Both prospect and goal orientation had an interactive effect on the compliance behavioral intention. The exploration model was verified as a mediation model. In addition, the discussion includes the appropriate implications for information security based on these research results.

Distribution of Taxpayer Compliance with Culture Dimension as an Intervening Variable in Makassar

  • Dahniyar DAUD;Haliah;Andi KUSUMAWATI;Syarifuddin RASYID
    • Journal of Distribution Science
    • /
    • v.22 no.8
    • /
    • pp.29-36
    • /
    • 2024
  • Purpose: This study examines the impact of cultural dimensions as an intervening variable on taxpayer compliance in Makassar, Indonesia, with a focus on the Bugis tribe's cultural context. Research design data and methodology: The research aims to understand how attitudes, subjective norms, and perceived behavioral control, influenced by local culture, affect taxpayer compliance. A quantitative research design was employed, collecting primary data through questionnaires distributed to 150 taxpayers, with 125 valid responses analyzed using the Structural Equation Model (SEM) and Partial Least Squares (PLS) methodology. Results: The results indicate that cultural factors significantly mediate the relationship between subjective norms and taxpayer compliance, highlighting the role of local cultural values, such as "Siri Na Pacce," in shaping compliance behavior. Subjective norms positively influence both cultural attitudes and compliance, while attitudes and perceived control have a less significant impact. The findings suggest that integrating cultural awareness into tax policy and education can enhance compliance rates in culturally rich regions. Conclusions: this study underscores the importance of considering cultural dimensionsin tax administration, particularly in regions with strong cultural identities, to improve the effectiveness of tax compliance strategies. The findings contribute to the broader understanding of how cultural context influences economic behavior, offering insights for policymakers and tax authorities.

Exploring Effects of Appropriation on the Compliance Intention to Information Security Policy (정보보호 정책의 전유과정이 정보보호 준수의도에 미치는 영향에 대한 탐색적 연구 : 콜센터와 병원 종사자들을 중심으로)

  • Oh, Jinwouk;Baek, Seung Ik
    • Journal of Information Technology Services
    • /
    • v.19 no.5
    • /
    • pp.15-31
    • /
    • 2020
  • This study explores the process in which employees adopt the information security policy. The results of this study, which surveyed 234 employees in three call centers and four hospitals, show that the employees adapt the information security policy through the social structuring process suggested by the AST model. In particular, this study identifies roles of two appropriation activities (FOA : Faithfulness of Appropriation & COA : Consensus on Appropriation) observed in the social structuring process. Regarding to the interactions between the two appropriation activities, FOA, which indicates a better understanding of the information security policy, is examined as a more critical factor than COA, which indicates the degree of agreement among employees about how to use it. FOA not only has a direct effect on compliance intention toward the information security policy, but also indirectly through COA, whereas COA has only a indirect effect through FOA. This result shows that, in order for a company to successfully implement a new information security policy, it is important for employees to understand its purpose and intention. The adaption of information security policy through two appropriation activities is observed in both hospitals and call centers, but due to the different working environments, there were differences in the preceding variables affecting the appropriation activities. The results of this study are expected to provide guidelines for companies who want to successfully adopt information security policy.

Investigating of Psychological Factors Affecting Information Security Compliance Intention: Convergent Approach to Information Security and Organizational Citizenship Behavior (정보보안 준수의도에 대한 사회심리적 요인 분석: 정보보안과 조직시민행동이론 융합)

  • Han, Jin-Young;Kim, Yoo-Jung
    • Journal of Digital Convergence
    • /
    • v.13 no.8
    • /
    • pp.133-144
    • /
    • 2015
  • In digital convergence environment, information security management plays crucial role in maintaining firms' competitiveness. Organizational citizenship behavior(OCB) enables informations security countermeasures to be more effectively worked by helping employees to have much knowledge of information security policy, by facilitating employees to participate in information security education/training. Thus, the purpose of this study is to investigate the mediating effect of OCB on the relationships between information security countermeasures and compliance intention. Questionary was designed based on prior information security research, and survey was conducted among companies' employees across the industry. Results showed that information security policy and information security education/training were found to be key predictors of compliance intention. In addition, OCB was proven to mediate the relationships between information security countermeasures and compliance intention.

Factors Affecting Deviation Broadcasting Intentions of Internet Personal Broadcasting Jockey: From the Perspective of the Social Pressure of Viewers (인터넷 개인 방송 진행자들의 일탈 방송의도에 영향을 미치는 요인: 시청자의 사회적 압력 관점에서)

  • Chae, Seong Wook;Song, Hye Ji
    • Knowledge Management Research
    • /
    • v.23 no.2
    • /
    • pp.169-192
    • /
    • 2022
  • With the spread of Internet personal broadcasting service, the number of personal broadcasting hosts (BJs: Broadcasting Jockeys) and viewers is increasing, and immediate communication between them is also actively taking place. This study examines whether the mechanism to suppress deviant behavior of BJ works effectively and how viewers interacting with BJs affect the intentions of deviant behaviors of BJs. Through the structural equation model, the effect of formal and informal sanctions of deterrence theory on BJs' intention of deviant broadcasting through their policy compliance attitude was investigated. The moderating effect of social pressure on the relationship between BJs' policy compliance attitude and their deviant broadcasting intention was confirmed. A total of 234 data were analyzed by surveying Africa TV BJs. As a result of the analysis, it was found that informal as well as formal sanctions increased the BJs' attitude toward policy compliance. However, it was confirmed that the social pressure perceived by BJs from Internet personal broadcasting viewers reduced the effect of policy compliance attitudes on reducing deviant broadcasting intentions.

Factors Affecting Patients' Compliance with Antihypertensive Medication in a Rural Area (고혈압환자의 치료순응도에 영향을 미치는 요인)

  • 배상수;이인숙;김순미;우선옥;이영조;김병익;한달성;이석구
    • Health Policy and Management
    • /
    • v.4 no.1
    • /
    • pp.25-48
    • /
    • 1994
  • Noncompliance with treatment is a serious problem in the management of hypertension. We explored self-reported medication taking compliance behavior of 194 high blood pressure patients using modified health belief model hypothesizing interaction between model components. Data were collected from patients resistered hwachon community hypertension control program during February, 1993. Bivariate analysis showed perceived severity of complication, present symptom experience(p<0.05), perceived severity of hypertension and education leve(p<0.01) were significantly related to treatment experience. Logit analysis revealed that perceived severity of hypertension, perceived benefits of treatment, perceived barriers to treatment and interaction term between perceived severity of hypertension and perceived benefits of treatment contributed treatment experience. Health education from mass media was siglificantly related to continuity of treatment. We also concluded that the inclusion of interaction effects between health belief model components and the use of patient group as analysis unit lead to better study results.

  • PDF

A Study on the Factors for Violation of Information Security Policy in Financial Companies : Moderating Effects of Perceived Customer Information Sensitivity (금융회사 정보보안정책의 위반에 영향을 주는 요인 연구 : 지각된 고객정보 민감도에 따른 조절효과)

  • Lee, Jeong-Ha;Lee, Sang-Yong Tom
    • Journal of Information Technology Applications and Management
    • /
    • v.22 no.4
    • /
    • pp.225-251
    • /
    • 2015
  • This paper analyzed factors for employees to violate information security policy in financial companies based on the theory of reasoned action (TRA), general deterrence theory (GDT), and information security awareness and moderating effects of perceived sensitivity of customer information. Using the 376 samples that were collected through both online and offline surveys, statistical tests were performed. We found that the perceived severity of sanction and information security policy support to information policy violation attitude and subjective norm but the perceived certainty of sanction and general information security awareness support to only subjective norm. Also, the moderating effects of perceived sensitivity of customer information against information policy violation attitude and subjective norm were supported. Academic implications of this study are expected to be the basis for future research on information security policy violations of financial companies; Employees' perceived sanctions and information security policy awareness have an impact on the subjective norm significantly. Practical implications are that it can provide a guide to establish information security management strategies for information security compliance; when implementing information security awareness training for employees to deter violations by emphasizing the sensitivity of customer information, a company should make their employees recognize that the customer information is very sensitive data.