Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review
The paper aims to identify information security policy compliance behavior models, their respected theories, and influencing factors. This is the first and most current comprehensive systematic review of information security policy compliance models, theories, and influencing factors. A systematic r...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Published: |
Little Lion Scientific
2022
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/98588/ http://www.jatit.org/volumes/Vol100No5/28Vol100No5.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utm.98588 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.985882023-01-25T09:26:40Z http://eprints.utm.my/id/eprint/98588/ Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review Kuppusamy, Puspadevi Samy, Ganthan Narayana Maarop, Nurazean Shanmugam, Bharanidharan Perumal, Sundresan T55-55.3 Industrial Safety. Industrial Accident Prevention T58.5-58.64 Information technology The paper aims to identify information security policy compliance behavior models, their respected theories, and influencing factors. This is the first and most current comprehensive systematic review of information security policy compliance models, theories, and influencing factors. A systematic review of empirical studies from twelve online databases was conducted. This review resulted in thirty-two (32) information security policy compliance behavior models proposed in different domains comprising various theories, concepts, and influencing factors. The results showed the importance of this issue among the researchers and a major limitation found was generalizability. Twenty (20) primary theories were extracted from the identified studies and found the theory of planned behavior and the protection motivation theory are the most trusted and reliable theories in information security policy compliance behavior models. Further analyses identified sixty (60) influencing factors and their alternative names and definitions. The most promising factors (high usage) of importance in descending orders are subjective norms, self-efficacy, attitudes, perceived benefits, threat vulnerability, threat severity, response efficacy, response cost, and experience. Besides that, factors such as self-efficacy, attitude, perceived benefit, threat severity, response efficacy, sanction severity, personal norms, experience, and training support were found and proved to be positively associated with the intention of compliance and considered robust for increasing information security compliance intention behavior. The results of this research can offer valuable information to fellow researchers in listing the models, their limitations, theories that are trustable, and influence factors that are critical for building a better model in the future. Little Lion Scientific 2022-03-15 Article PeerReviewed Kuppusamy, Puspadevi and Samy, Ganthan Narayana and Maarop, Nurazean and Shanmugam, Bharanidharan and Perumal, Sundresan (2022) Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review. Journal of Theoretical and Applied Information Technology, 100 (5). pp. 1536-1557. ISSN 1992-8645 http://www.jatit.org/volumes/Vol100No5/28Vol100No5.pdf NA |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
T55-55.3 Industrial Safety. Industrial Accident Prevention T58.5-58.64 Information technology |
| spellingShingle |
T55-55.3 Industrial Safety. Industrial Accident Prevention T58.5-58.64 Information technology Kuppusamy, Puspadevi Samy, Ganthan Narayana Maarop, Nurazean Shanmugam, Bharanidharan Perumal, Sundresan Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| description |
The paper aims to identify information security policy compliance behavior models, their respected theories, and influencing factors. This is the first and most current comprehensive systematic review of information security policy compliance models, theories, and influencing factors. A systematic review of empirical studies from twelve online databases was conducted. This review resulted in thirty-two (32) information security policy compliance behavior models proposed in different domains comprising various theories, concepts, and influencing factors. The results showed the importance of this issue among the researchers and a major limitation found was generalizability. Twenty (20) primary theories were extracted from the identified studies and found the theory of planned behavior and the protection motivation theory are the most trusted and reliable theories in information security policy compliance behavior models. Further analyses identified sixty (60) influencing factors and their alternative names and definitions. The most promising factors (high usage) of importance in descending orders are subjective norms, self-efficacy, attitudes, perceived benefits, threat vulnerability, threat severity, response efficacy, response cost, and experience. Besides that, factors such as self-efficacy, attitude, perceived benefit, threat severity, response efficacy, sanction severity, personal norms, experience, and training support were found and proved to be positively associated with the intention of compliance and considered robust for increasing information security compliance intention behavior. The results of this research can offer valuable information to fellow researchers in listing the models, their limitations, theories that are trustable, and influence factors that are critical for building a better model in the future. |
| format |
Article |
| author |
Kuppusamy, Puspadevi Samy, Ganthan Narayana Maarop, Nurazean Shanmugam, Bharanidharan Perumal, Sundresan |
| author_facet |
Kuppusamy, Puspadevi Samy, Ganthan Narayana Maarop, Nurazean Shanmugam, Bharanidharan Perumal, Sundresan |
| author_sort |
Kuppusamy, Puspadevi |
| title |
Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| title_short |
Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| title_full |
Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| title_fullStr |
Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| title_full_unstemmed |
Information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| title_sort |
information security policy compliance behavior models, theories, and influencing factors: a systematic literature review |
| publisher |
Little Lion Scientific |
| publishDate |
2022 |
| url |
http://eprints.utm.my/id/eprint/98588/ http://www.jatit.org/volumes/Vol100No5/28Vol100No5.pdf |
| _version_ |
1756060035295739904 |
| score |
13.209306 |