Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance

Article

Ali, R., Dominic, P., Ali, S., Rehman, M. and Sohail, A. 2021. Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences. 11 (8). https://doi.org/10.3390/app11083383
TypeArticle
TitleInformation security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance
AuthorsAli, R., Dominic, P., Ali, S., Rehman, M. and Sohail, A.
Abstract

A grave concern to an organization’s information security is employees’ behavior when they do not value information security policy compliance (ISPC). Most ISPC studies evaluate compliance and noncompliance behaviors separately. However, the literature lacks a comprehensive understanding of the factors that transform the employees’ behavior from noncompliance to compliance. Therefore, we conducted a systematic literature review (SLR), highlighting the studies done concerning information security behavior (ISB) towards ISPC in multiple settings: research frameworks, research designs, and research methodologies over the last decade. We found that ISPC research focused more on compliance behaviors than noncompliance behaviors. Value conflicts, security-related stress, and neutralization, among many other factors, provided significant evidence towards noncompliance. At the same time, internal/external and protection motivations proved positively significant towards compliance behaviors. Employees perceive internal and external motivations from their social circle, management behaviors, and organizational culture to adopt security-aware behaviors. Deterrence techniques, management behaviors, culture, and information security awareness play a vital role in transforming employees’ noncompliance into compliance behaviors. This SLR’s motivation is to synthesize the literature on ISPC and ISB, identifying the behavioral transformation process from noncompliance to compliance. This SLR contributes to information system security literature by providing a behavior transformation process model based on the existing ISPC literature.

Keywordsinformation security behavior; information security policy compliance; systematic literature review (SLR); process management; compliance; noncompliance; transformation process
Sustainable Development Goals9 Industry, innovation and infrastructure
Middlesex University ThemeCreativity, Culture & Enterprise
PublisherMDPI
JournalApplied Sciences
ISSN
Electronic2076-3417
Publication dates
Print02 Apr 2021
Online09 Apr 2021
Publication process dates
Submitted24 Mar 2021
Accepted06 Apr 2021
Deposited13 Jan 2025
Output statusPublished
Publisher's version
License
File Access Level
Open
Copyright Statement

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

Digital Object Identifier (DOI)https://doi.org/10.3390/app11083383
Web of Science identifierWOS:000643992000001
Permalink -

https://repository.mdx.ac.uk/item/11vx1q

Log in to edit

Download files

Publisher's version
applsci-11-03383-v3.pdf
License: CC BY 4.0
File access level: Open

  • 0
    total views
  • 2
    total downloads
  • 0
    views this month
  • 1
    downloads this month

Export as

Related outputs

Transforming strategies in the digital era: the role of social media in customer value analysis and crisis management for tourism firms
Rehman, H.M., Amin, A., Rehman, M., Nematova, G., Shamim, A. and Hossain, M.B. 2023. Transforming strategies in the digital era: the role of social media in customer value analysis and crisis management for tourism firms. International Journal of Management Studies. 30 (2), pp. 373-396. https://doi.org/10.32890/ijms2023.30.2.7
Importance of the sustainability tourism marketing practices: an insight from rural community-based homestays in Malaysia
Janjua, Z., Krishnapillai, G. and Rehman, M. 2023. Importance of the sustainability tourism marketing practices: an insight from rural community-based homestays in Malaysia. Journal of Hospitality and Tourism Insights. 6 (2), pp. 575-594. https://doi.org/10.1108/JHTI-10-2021-0274
A systematic literature review of rural homestays and sustainability in tourism
Janjua, Z., Krishnapillai, G. and Rehman, M. 2021. A systematic literature review of rural homestays and sustainability in tourism. SAGE Open. 11 (2). https://doi.org/10.1177/21582440211007117
Extracting key factors of cyber hygiene behaviour among software engineers: a systematic literature review
Kalhoro, S., Rehman, M., Ponnusamy, V. and Shaikh, F. 2021. Extracting key factors of cyber hygiene behaviour among software engineers: a systematic literature review. IEEE Access. 9, pp. 99339-99363. https://doi.org/10.1109/ACCESS.2021.3097144
Cyberbullying behaviour: a study of undergraduate university students
Shaikh, F., Rehman, M., Amin, A., Shamim, A. and Hashmani, M. 2021. Cyberbullying behaviour: a study of undergraduate university students. IEEE Access. 9, pp. 92715-92734. https://doi.org/10.1109/ACCESS.2021.3086679
Factors that influence high school female students' intentions to pursue science, technology, engineering and mathematics (STEM) education in Malaysia
Alam, M., Sajid, S., Kok, J., Rehman, M. and Amin, A. 2021. Factors that influence high school female students' intentions to pursue science, technology, engineering and mathematics (STEM) education in Malaysia. Pertanika Journal of Social Sciences and Humanities. 29 (2), pp. 839-867. https://doi.org/10.47836/pjssh.29.2.06
Generation of highly nonlinear and dynamic AES substitution-boxes (S-boxes) using chaos-based rotational matrices
Malik, M.S.M., Ali, M.A., Khan, M.A., Ehatisham-Ul-Haq, M., Shah, S.N.M., Rehman, M. and Ahmad, W. 2020. Generation of highly nonlinear and dynamic AES substitution-boxes (S-boxes) using chaos-based rotational matrices. IEEE Access. 8, pp. 35682-35695. https://doi.org/10.1109/ACCESS.2020.2973679
Adaptive CNN ensemble for complex multispectral image analysis
Jameel, S., Hashmani, M., Rehman, M. and Budiman, A. 2020. Adaptive CNN ensemble for complex multispectral image analysis. Complexity. 2020. https://doi.org/10.1155/2020/8361989
Review of social media influence on software development
Nematova, G., Rehman, M., Amin, A. and Hashmani, M.A. 2020. Review of social media influence on software development. Mehran University Research Journal of Engineering and Technology. 39 (3), pp. 603-611. https://doi.org/10.22581/muet1982.2003.15