A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance - Security and Privacy Protection in Information Processing Systems
Conference Papers Year : 2013

A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance

Jonas Hallberg
  • Function : Author
  • PersonId : 1001104

Abstract

The behaviour of employees influences information security in virtually all organisations. To inform the employees regarding what constitutes desirable behaviour, an information security policy can be formulated and communicated. However, not all employees comply with the information security policy. This paper reviews and synthesises 16 studies related to the theory of planned behaviour. The objective is to investigate 1) to what extent the theory explains information security policy compliance and violation and 2) whether reasonable explanations can be found when the results of the studies diverge. It can be concluded that the theory explains information security policy compliance and violation approximately as well as it explains other behaviours. Some potential explanations can be found for why the results of the identified studies diverge. However, many of the differences in results are left unexplained.
Fichier principal
Vignette du fichier
978-3-642-39218-4_20_Chapter.pdf (311.43 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01463832 , version 1 (09-02-2017)

Licence

Identifiers

Cite

Teodor Sommestad, Jonas Hallberg. A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. pp.257-271, ⟨10.1007/978-3-642-39218-4_20⟩. ⟨hal-01463832⟩
165 View
622 Download

Altmetric

Share

More