Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance

Article

Ali, R., Dominic, P., Ali, S., Rehman, M. and Sohail, A. 2021. Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences. 11 (8). https://doi.org/10.3390/app11083383
TypeArticle
TitleInformation security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance
AuthorsAli, R., Dominic, P., Ali, S., Rehman, M. and Sohail, A.
Abstract

A grave concern to an organization’s information security is employees’ behavior when they do not value information security policy compliance (ISPC). Most ISPC studies evaluate compliance and noncompliance behaviors separately. However, the literature lacks a comprehensive understanding of the factors that transform the employees’ behavior from noncompliance to compliance. Therefore, we conducted a systematic literature review (SLR), highlighting the studies done concerning information security behavior (ISB) towards ISPC in multiple settings: research frameworks, research designs, and research methodologies over the last decade. We found that ISPC research focused more on compliance behaviors than noncompliance behaviors. Value conflicts, security-related stress, and neutralization, among many other factors, provided significant evidence towards noncompliance. At the same time, internal/external and protection motivations proved positively significant towards compliance behaviors. Employees perceive internal and external motivations from their social circle, management behaviors, and organizational culture to adopt security-aware behaviors. Deterrence techniques, management behaviors, culture, and information security awareness play a vital role in transforming employees’ noncompliance into compliance behaviors. This SLR’s motivation is to synthesize the literature on ISPC and ISB, identifying the behavioral transformation process from noncompliance to compliance. This SLR contributes to information system security literature by providing a behavior transformation process model based on the existing ISPC literature.

Keywordsinformation security behavior; information security policy compliance; systematic literature review (SLR); process management; compliance; noncompliance; transformation process
Sustainable Development Goals9 Industry, innovation and infrastructure
Middlesex University ThemeCreativity, Culture & Enterprise
PublisherMDPI
JournalApplied Sciences
ISSN
Electronic2076-3417
Publication dates
Print02 Apr 2021
Online09 Apr 2021
Publication process dates
Submitted24 Mar 2021
Accepted06 Apr 2021
Deposited13 Jan 2025
Output statusPublished
Publisher's version
License
File Access Level
Open
Copyright Statement

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

Digital Object Identifier (DOI)https://doi.org/10.3390/app11083383
Web of Science identifierWOS:000643992000001
Permalink -

https://repository.mdx.ac.uk/item/11vx1q

Log in to edit

Download files

Publisher's version
applsci-11-03383-v3.pdf
License: CC BY 4.0
File access level: Open

  • 11
    total views
  • 6
    total downloads
  • 5
    views this month
  • 3
    downloads this month

Export as

Related outputs

Breaking down barriers: the moderating role of organizational support in facilitating knowledge sharing among software developers
Anwar, R., Rehman, M., Rehman, H., Nauman, S., Khan, A.S. and Malik, M. 2024. Breaking down barriers: the moderating role of organizational support in facilitating knowledge sharing among software developers. SAGE Open. 14 (2). https://doi.org/10.1177/21582440241256568
Transforming strategies in the digital era: the role of social media in customer value analysis and crisis management for tourism firms
Rehman, H.M., Amin, A., Rehman, M., Nematova, G., Shamim, A. and Hossain, M.B. 2023. Transforming strategies in the digital era: the role of social media in customer value analysis and crisis management for tourism firms. International Journal of Management Studies. 30 (2), pp. 373-396. https://doi.org/10.32890/ijms2023.30.2.7
Importance of the sustainability tourism marketing practices: an insight from rural community-based homestays in Malaysia
Janjua, Z., Krishnapillai, G. and Rehman, M. 2023. Importance of the sustainability tourism marketing practices: an insight from rural community-based homestays in Malaysia. Journal of Hospitality and Tourism Insights. 6 (2), pp. 575-594. https://doi.org/10.1108/JHTI-10-2021-0274
A systematic literature review of rural homestays and sustainability in tourism
Janjua, Z., Krishnapillai, G. and Rehman, M. 2021. A systematic literature review of rural homestays and sustainability in tourism. SAGE Open. 11 (2). https://doi.org/10.1177/21582440211007117
Extracting key factors of cyber hygiene behaviour among software engineers: a systematic literature review
Kalhoro, S., Rehman, M., Ponnusamy, V. and Shaikh, F. 2021. Extracting key factors of cyber hygiene behaviour among software engineers: a systematic literature review. IEEE Access. 9, pp. 99339-99363. https://doi.org/10.1109/ACCESS.2021.3097144
Cyberbullying behaviour: a study of undergraduate university students
Shaikh, F., Rehman, M., Amin, A., Shamim, A. and Hashmani, M. 2021. Cyberbullying behaviour: a study of undergraduate university students. IEEE Access. 9, pp. 92715-92734. https://doi.org/10.1109/ACCESS.2021.3086679
Factors that influence high school female students' intentions to pursue science, technology, engineering and mathematics (STEM) education in Malaysia
Alam, M., Sajid, S., Kok, J., Rehman, M. and Amin, A. 2021. Factors that influence high school female students' intentions to pursue science, technology, engineering and mathematics (STEM) education in Malaysia. Pertanika Journal of Social Sciences and Humanities. 29 (2), pp. 839-867. https://doi.org/10.47836/pjssh.29.2.06
A literature survey and empirical study of meta-learning for classifier selection
Khan, I., Zhang, X., Rehman, M. and Ali, R. 2020. A literature survey and empirical study of meta-learning for classifier selection. IEEE Access. 8, pp. 10262-10281. https://doi.org/10.1109/ACCESS.2020.2964726
Generation of highly nonlinear and dynamic AES substitution-boxes (S-boxes) using chaos-based rotational matrices
Malik, M.S.M., Ali, M.A., Khan, M.A., Ehatisham-Ul-Haq, M., Shah, S.N.M., Rehman, M. and Ahmad, W. 2020. Generation of highly nonlinear and dynamic AES substitution-boxes (S-boxes) using chaos-based rotational matrices. IEEE Access. 8, pp. 35682-35695. https://doi.org/10.1109/ACCESS.2020.2973679
Cyberbullying: a systematic literature review to identify the factors impelling university students towards cyberbullying
Bashir Shaikh, F., Rehman, M. and Amin, A. 2020. Cyberbullying: a systematic literature review to identify the factors impelling university students towards cyberbullying. IEEE Access. 8, pp. 148031-148051. https://doi.org/10.1109/ACCESS.2020.3015669
Adaptive CNN ensemble for complex multispectral image analysis
Jameel, S., Hashmani, M., Rehman, M. and Budiman, A. 2020. Adaptive CNN ensemble for complex multispectral image analysis. Complexity. 2020. https://doi.org/10.1155/2020/8361989
An adaptive deep learning framework for dynamic image classification in the Internet of Things environment
Jameel, S.M., Hashmani, M.A., Rehman, M. and Budiman, A. 2020. An adaptive deep learning framework for dynamic image classification in the Internet of Things environment. Sensors. 20 (20). https://doi.org/10.3390/s20205811
A critical review on adverse effects of concept drift over machine learning classification models
Jameel, S.M., Hashmani, M.A., Alhussain, H., Rehman, M. and Budiman, A. 2020. A critical review on adverse effects of concept drift over machine learning classification models. International Journal of Advanced Computer Science and Applications. 11 (1), pp. 206-211. https://doi.org/10.14569/IJACSA.2020.0110127
Review of social media influence on software development
Nematova, G., Rehman, M., Amin, A. and Hashmani, M.A. 2020. Review of social media influence on software development. Mehran University Research Journal of Engineering and Technology. 39 (3), pp. 603-611. https://doi.org/10.22581/muet1982.2003.15
Automatic image annotation for small and ad hoc intelligent applications using Raspberry Pi
Jameel, S.M., Hashmani, M.A., Rizvi, S.S.H., Uddin, V. and Rehman, M. 2019. Automatic image annotation for small and ad hoc intelligent applications using Raspberry Pi. Engineering Application of Artificial Intelligence Conference 2018 . Sabah, Malaysia 03 - 05 Dec 2018 EDP Sciences. https://doi.org/10.1051/matecconf/201925501003
Accuracy performance degradation in image classification models due to concept drift
Hashmani, M.A., Jameel, S.M., Alhussain, H., Rehman, M. and Budiman, A. 2019. Accuracy performance degradation in image classification models due to concept drift. International Journal of Advanced Computer Science and Applications. 10 (5), pp. 422-425. https://doi.org/10.14569/IJACSA.2019.0100552
Job satisfaction and knowledge sharing among computer and information science faculty members: a case of Malaysian universities
Rehman, M., Mahmood, A.K., Salleh, R. and Amin, A. 2014. Job satisfaction and knowledge sharing among computer and information science faculty members: a case of Malaysian universities. Research Journal of Applied Sciences, Engineering and Technology. 7 (4), pp. 839-848. https://doi.org/10.19026/rjaset.7.326
Framework to increase knowledge sharing behavior among software engineers
Rehman, M., Mahmood, A.K., Salleh, R. and Amin, A. 2014. Framework to increase knowledge sharing behavior among software engineers. Research Journal of Applied Sciences, Engineering and Technology. 7 (4), pp. 849-856. https://doi.org/10.19026/rjaset.7.327