ABSTRACT
This study was designed to examine the impacts of employees’ cost–benefit analysis, deterrence considerations, and top management support and beliefs on information systems security policy compliance. Surveys of Canadian professionals’ perceptions were carried out. A research model was proposed and tested. The results confirmed that top management support and beliefs, sanction severity, and cost–benefit analysis significantly influenced employees’ information systems security policy compliance. The implications of the study findings are discussed, and conclusions are drawn.
Additional information
Funding
Notes on contributors
Princely Ifinedo
Princely Ifinedo is an Associate Professor at Cape Breton University, Canada. He holds a PhD in IS from University of Jyväskylä, Finland, an MBA from the Royal Holloway, University of London, UK, and an MSc from Tallinn University of Technology, Estonia. His research includes enterprise resource planning (ERP) success and IS security management. He has presented at various IS conferences, contributed chapters to several books/encyclopedias, and published in journals such as Information & Management, International Journal of Information Management, Journal of Computer Information Systems, Computer & Security, Journal of Information Security and Privacy, Internet Research, DATA BASE, Journal of Global Information Technology Management, and Computer in Human Behavior. He has authored over 100 peer-reviewed publications and he is affiliated with Association for Information Systems and CIPS.