The role of deterrability for the effect of multi-level sanctions on information security policy compliance: Results of a multigroup analysis

The role of deterrability for the effect of multi-level sanctions on information security policy compliance: Results of a multigroup analysis

This paper offers a new perspective on the effectiveness of sanctions in influencing information security policy compliance. We observe compliance from a group perspective to identify undeterrable employees who comply based on inner conviction and deterrable employees who comply because of external...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Information & management 2021-04, Vol.58 (3), p.103318, Article 103318
Hauptverfasser: Jaeger, Lennart, Eckhardt, Andreas, Kroenung, Julia
Format: Artikel
Sprache:eng
Schlagworte:
Attitude
Deterrability
Deterrence
Information security policy awareness
Information security policy compliance
Sanctions
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper offers a new perspective on the effectiveness of sanctions in influencing information security policy compliance. We observe compliance from a group perspective to identify undeterrable employees who comply based on inner conviction and deterrable employees who comply because of external coercion. Drawing upon survey data, we show that multilevel sanctions (i.e., formal, social, and personal sanctions) have a varying impact on the compliance of inclined and disinclined employees. We also find that multilevel sanction perceptions are differently influenced by information security policy awareness. This group-based deterrability perspective opens up new avenues to study the value of sanctions.
ISSN:0378-7206
1872-7530
DOI:10.1016/j.im.2020.103318