The Formulation of Comprehensive Information Security Culture Dimensions for Information Security Policy Compliance Study

The Formulation of Comprehensive Information Security Culture Dimensions for Information Security Policy Compliance Study

Few studies have shown there is significant relationship between Information Security Culture (ISC) and Information Security Policy (ISP) compliance behaviour. However, these findings still could not conclude the actual effect of ISC towards employees’ ISP compliance. There are issues of consistency...

Full description

Bibliographic Details
Main Authors: Nasir, Akhyari, Ruzaini, Abdullah Arshah, Ab Hamid, Mohd Rashid
Format: Article
Language:English
Published: American Scientific Publisher 2018
Subjects:
QA75 Electronic computers. Computer science
Online Access:http://umpir.ump.edu.my/id/eprint/19243/
http://umpir.ump.edu.my/id/eprint/19243/
http://umpir.ump.edu.my/id/eprint/19243/
http://umpir.ump.edu.my/id/eprint/19243/1/The%20Formulation%20of%20Comprehensive%20Information%20Security%20Culture1.pdf
Description
Summary:Few studies have shown there is significant relationship between Information Security Culture (ISC) and Information Security Policy (ISP) compliance behaviour. However, these findings still could not conclude the actual effect of ISC towards employees’ ISP compliance. There are issues of consistency and comprehensiveness of dimensions in representing ISC concept in all previous studies. While these dimensions are different from one study to another, there are also some ISC key factors in the ISC literature that are not being included in those studies. A comprehensive and more cohesive ISC dimensions that could represent all the key factors of ISC concept should be formulated in order to get more conclusive findings on the relationship between ISC and ISP compliance behavior. This paper discusses the formulation process of new comprehensive ISC dimensions to represent a holistic concept of ISC. The underlying concepts used in this formulation are based on widely accepted concepts of organizational culture and ISC conceptual model to make sure that the new formulated dimensions are supportive to all levels comprised in those concepts. Seven new dimensions have been proposed. These dimensions cover most of the ISC key factors in literature. The formulated dimensions also supported by previous theoretical and empirical findings from various ISC-related studies. Finally, we have demonstrated that these new comprehensive dimensions could be used to represent a holistic concept of ISC to be examined in ISP compliance behavior study.

Similar Items