Information Security Policy Perceived Compliance Among Staff in Palestine universities: An Empirical Pilot study

Iriqat, Yousef Mohammad; Ahlan, Abdul Rahman; Molok, Nurul Nuha Abdul

doi:10.1109/jeeit.2019.8717438

Cited by 7 publications

(2 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Using the general deterrence theory (GDT), they identified demographic and human reasons behind IS violations and deployed a series of theories (i.e., GDT, PMT, and TPB) to evaluate predictors of ISCB. They found that ISCB was influenced by awareness, sanction certainty, and self-efficacy [28]. They also evaluated the potential factors influencing ISCB and information security awareness in business contexts.…”

Section: Literature Studiesmentioning

confidence: 99%

Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

et al. 2020

View full text Add to dashboard Cite

The adoption of health information systems provides many potential healthcare benefits. The government of the Kingdom of Saudi Arabia has subsidized this field. However, like those of other less developed countries, organizations in the Kingdom of Saudi Arabia struggle to secure their health information systems. This issue may stem from a lack of awareness regarding information security. To date, most related studies have not considered all of the factors affecting information security compliance behavior (ISCB), which include psychological traits, cultural and religious beliefs, and legal concerns. This paper aims to investigate the usefulness of a theory-based model and determine the predictors of ISCB among healthcare workers at government hospitals in the Kingdom of Saudi Arabia. The study investigated 433 health workers in Arar, the capital of the Northern Borders Province in the Kingdom of Saudi Arabia. Two phases involved in this study were the hypothetical model formulation and identification of ISCB predictors. The results suggest that moderating and non-common factors (e.g., religion and morality) impact ISCB, while demographic characteristics (e.g., age, marital status, and work experience) do not. All published instruments and theories were embedded to determine the most acceptable theories for Saudi culture. The theory-based model of ISCB establishes the main domains of theory for this study, which were religion/morality, self-efficacy, legal/punishment, personality traits, cost of compliance/noncompliance, subjective norms, information security policy, general information security, and technology awareness. Predictors of ISCB indicate that general information security, followed by self-efficacy and religion/morality, is the most influential factor on ISCB among healthcare workers in the Kingdom of Saudi Arabia. This study is considered as the first to present the symmetry between theory and actual descriptive results, which were not investigated before.

show abstract

Section: Literature Studiesmentioning

confidence: 99%

Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

et al. 2020

View full text Add to dashboard Cite

show abstract

“…There is a need to understand what influences compliance with information security policies (ISPs) [7,8]. Understanding employees' information security behaviour, is an important step in the assessment and consequently the improvement of information security behaviour [9].…”

Section: Introductionmentioning

confidence: 99%

Information Security Behavior: Development of a Measurement Instrument Based on the Self-determination Theory

Gangire

Veiga

Herselman

2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Employee information security behaviour is important in securing an organisation's information technology resources. Employees can act in a risky or secure manner. Improving employee information security behaviour is important for organisations and should follow an assessment of their behaviour. A robust measuring instrument is a necessity for effectively assessing information security behaviour. In this study, a questionnaire was developed based on the Human Aspects of Information Security Questionnaire and self-determination theory and validated statistically. Data obtained through a quantitative survey (N = 263) at a South African university was used to validate the questionnaire. The result is a questionnaire that has internally consistent items, as shown by the results of the reliability analysis. Universities can use the questionnaire to identify developmental areas to improve information security from a behaviour perspective.

show abstract

A Composite Framework to Promote Information Security Policy Compliance in Organizations

Amankwa

Loock

Kritzinger

2019

Learning and Analytics in Intelligent Systems

View full text Add to dashboard Cite

Information Security Policy Perceived Compliance Among Staff in Palestine universities: An Empirical Pilot study

Cited by 7 publications

References 24 publications

Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

Information Security Behavior: Development of a Measurement Instrument Based on the Self-determination Theory

A Composite Framework to Promote Information Security Policy Compliance in Organizations

Contact Info

Product

Resources

About