Exploring the Impact of Security Policy on Compliance

Extant studies on compliance with security policies have largely ignored the impact of monitoring, security operations, and roles and responsibilities on employees' compliance. This chapter proposes a theoretical model that integrates security policy, monitoring, security operations, and security roles to examine employees' security compliance. Data were collected from 233 IT security and management professionals. Using partial least square structural equation modelling and testing hypotheses, the study finds that information security policy has significant indirect influence on information security compliance. The effect of security policy is fully mediated by security roles, operations security activities, and security monitoring activities. Security policy strongly influences operations security activities and has the greatest effect on security roles and responsibilities. Among the three mediating variables, monitoring has the most significant influence on security compliance. Conversely, the direct impact of security policy on compliance is not significant.

Download Full-text

Exploring the Impact of Security Policy on Compliance

Research Anthology on Artificial Intelligence Applications in Security ◽

10.4018/978-1-7998-7705-9.ch017 ◽

2021 ◽

pp. 339-357

Author(s):

Winfred Yaokumah ◽

Peace Kumah

Keyword(s):

Information Security ◽

Security Policy ◽

Structural Equation ◽

Partial Least Square ◽

Least Square ◽

Security Monitoring ◽

Roles And Responsibilities ◽

Security Compliance ◽

Security Operations ◽

The Impact

Download Full-text

Towards Modelling the Impact of Security Policy on Compliance

Journal of Information Technology Research ◽

10.4018/jitr.2016040101 ◽

2016 ◽

Vol 9 (2) ◽

pp. 1-16 ◽

Cited By ~ 4

Author(s):

Winfred Yaokumah ◽

Steven Brown ◽

Alex Ansah Dawson

Keyword(s):

Information Security ◽

Security Policy ◽

Structural Equation ◽

Partial Least Square ◽

Least Square ◽

Roles And Responsibilities ◽

Security Controls ◽

Security Compliance ◽

Iec 27002 ◽

The Impact

This study develops a model, based on the controls present in ISO/IEC 27002 framework, to integrate the role of technical and administrative security controls. The model provides better understanding of how security policy can influence security compliance and the pathway through which this effect is generated. Data were collected from 223 IT security and management professionals. Using Partial Least Square Structural Equation Modelling (PLS-SEM) and testing hypotheses, the study finds that information security policy has significant indirect influence on information security compliance. The effect of security policy is fully mediated by security roles and responsibilities, operations security activities, and security monitoring and review activities. Security policy strongly influences operations security activities and has the greatest effect on security roles and responsibilities. Among the three mediating variables, monitoring and reviews has the most significant influence on security compliance. Conversely, the impact of security policy on compliance is not significant.

Download Full-text

Information Security Compliance in Organizations: An Institutional Perspective

Data and Information Management ◽

10.1515/dim-2017-0006 ◽

2017 ◽

Vol 1 (2) ◽

pp. 104-114 ◽

Cited By ~ 1

Author(s):

Ahmed AlKalbani ◽

Hepu Deng ◽

Booi Kam ◽

Xiaojuan Zhang

Keyword(s):

Information Security ◽

Security Policy ◽

Structural Equation ◽

Online Survey ◽

Institutional Pressures ◽

Institutional Perspective ◽

Security Research ◽

Security Compliance ◽

Security Standards ◽

The Impact

Abstract The increasing recognition of the importance of information security has created institutional pressures on organizations to comply with information security standards and policies for protecting their information. How such pressures influence information security compliance in organisations, however, is unclear. This paper presents an empirical study to investigate the impact of institutional pressures on information security compliance in organizations. With the use of structural equation modelling for analysing the data collected through an online survey, the study shows that coercive pressures, normative pressures, and mimetic pressures positively influence information security compliance in organizations. It reveals that the benefits of information security compliance motivate management to strengthen their commitments at information security compliance. Furthermore, the study finds out that social pressures do not have a significant impact on management commitments towards information security compliance. Theoretically this study contributes to the information security research by better understanding how institutional pressures can be used for enhancing information security compliance in organizations. Practically this study informs information security policy makers of the major institutional drivers for information security compliance.

Download Full-text

Evaluating the Effectiveness of Deterrence Theory in Information Security Compliance

Modern Theories and Practices for Cyber Ethics and Security Compliance - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3149-5.ch009 ◽

2020 ◽

pp. 140-151

Author(s):

Felix Nti Koranteng ◽

Richard Apau ◽

Jones Opoku-Ware ◽

Akon Obu Ekpezu

Keyword(s):

Security Policy ◽

Structural Equation ◽

Partial Least Square ◽

Least Square ◽

Deterrence Theory ◽

Neutralization Techniques ◽

Security Compliance ◽

Severity Of Punishment ◽

Positive Effect ◽

Compliance Behaviour

There is a long-held belief that deterrence mechanisms are more useful in developing countries. Evidence on this belief is anecdotal rather than empirical. In this chapter, individual compliance to information system security policy (ISSP) is examined through the lenses of deterrence theory. The effects of certainty of detection and severity of punishment on attitude towards compliance and also ISSP compliance behaviour are investigated. A survey questionnaire was distributed to gather responses from 432 individuals who are staff of a public university in Ghana. The data was analysed using partial least square structural equation modelling (PLS-SEM). The results indicate that severity of punishment has a positive effect on attitude towards compliance and ISSP compliance behaviour. However, certainty of detection neither affected attitude towards compliance nor ISSP compliance behaviour. It is recommended that organizations enhance the severity of sanctions imposed on those who violate ISSPs. Future studies should explore how users apply neutralization techniques to evade sanctions.

Download Full-text

The impact of information security management practices on organisational agility

Information and Computer Security ◽

10.1108/ics-02-2020-0020 ◽

2020 ◽

Vol 28 (5) ◽

pp. 681-700

Author(s):

Muhamad Khairulnizam Zaini ◽

Mohamad Noorman Masrek ◽

Mad Khir Johari Abdullah Sani

Keyword(s):

Information Security ◽

Structural Equation ◽

Management Practices ◽

Security Management ◽

Partial Least Square ◽

Least Square ◽

Information Security Management ◽

Content Type ◽

The Impact ◽

Organisational Agility

Purpose This study aims to determine the extent to which information security management (ISM) practices impact the organisational agility by examining the relationship between both concepts. Design/methodology/approach A quantitative method research design has been used in this study. This study was conducted throughout Malaysia with a total of 250 valid questionnaires obtained from managers and executives from the Multimedia Super Corridor (MSC)-status companies. Structural equation modelling (SEM) using partial least square was used to analyse the data and to test all nine hypotheses developed in this study. Findings Findings from this study indicate that operational agility (OA) is significantly related to ISM practices in MSC-status companies. The validation of the structural model of nine hypotheses developed for this study has demonstrated satisfactory results, exhibited six significant direct relationships and three insignificant relationships. Research limitations/implications This study has addressed the needs for a comprehensive, coherent and empirically tested ISM practices and organisational agility framework. The current theoretical framework used in this study emphasised on the ISM–organisational agility dimensions that are predominantly important to ascertain high level of ISM practices and perceived agility level among the information technology (IT) business companies in Malaysia. With the application of SEM for powerful analysis, the empirical-based framework established in this study was validated by the empirical findings, thus contributing significantly to the field of information security (InfoSec). Originality/value This study has filled the research gap between different constructs of ISM practices and OA. The model put forth in this study contributes in several ways to the InfoSec research community. The recognition of InfoSec practices that could facilitate organisational agility in the IT industry in Malaysia is vital and contributes to more value creation for the organisations.

Download Full-text

Application of Blockchain for Supply Chain Financing: Explaining the Drivers Using SEM

Journal of Open Innovation Technology Market and Complexity ◽

10.3390/joitmc7030167 ◽

2021 ◽

Vol 7 (3) ◽

pp. 167

Author(s):

Mohammad Rokibul Kabir ◽

Md. Aminul Islam ◽

Marniati ◽

Herawati

Keyword(s):

Supply Chain ◽

Technology Acceptance ◽

Structural Equation ◽

Research Work ◽

Partial Least Square ◽

Least Square ◽

Equation Modeling ◽

Innovation Research ◽

Supply Chain Financing ◽

The Impact

Owing to the lack of research in emerging Asian nations, this research aimed to unearth the determinants of blockchain acceptance for supply chain financing by a Bangladeshi financing company called IPDC. Centred on a technology acceptance framework called UTAUT (unified theory of acceptance and use of technology) and open innovation research, an expanded model with a mediating variable is developed for this study. This research work employs the deductive inference method in conjunction with the positivism paradigm. A structural questionnaire was used to gather data, which were then processed through Smart-PLS (partial least square) for SEM (structural equation modeling). The survey includes all the people who are directly or indirectly involved in the supply chain financing platform of IPDC. The study consists of seven direct hypotheses and one mediating hypothesis. The results show that all the direct hypotheses except the impact of social influence on the behavioural intention to use (BINTU) blockchain are significant. The mediating hypothesis indicating the role of BINTU in the relationship between facilitating conditions (FCON) and the actual use of blockchain is also supported. FCON and BINTU together explain 88.7% variation in blockchain use behaviour for supply chain financing. The research advances past findings by employing an expanded UTAUT framework and validating observations with the other relevant studies throughout the world.

Download Full-text

PENGARUH SERVANT LEADERSHIP TERHADAP KOMITMEN ORGANISASIONAL DAN KINERJA PEGAWAI (Studi pada Pegawai Negeri Sipil di RSUD Wangaya Kota Denpasar)

E-Jurnal Ekonomi dan Bisnis Universitas Udayana ◽

10.24843/eeb.2017.v06.i07.p05 ◽

2017 ◽

pp. 2731

Author(s):

I Gede Hendry Kamanjaya ◽

Wayan Gede Supartha ◽

IG.A. Manuati Dewi

Keyword(s):

Organizational Commitment ◽

Servant Leadership ◽

Structural Equation ◽

Employee Performance ◽

Equation Model ◽

Partial Least Square ◽

Least Square ◽

Inferential Analysis ◽

The Impact

This study is focused to analyze the impact of servant leadership on employee performance in relation to the organizational commitment mediation. It is a causality research, providing an explanation and understanding about the impact of servant leadership on employee performance and the impact of servant leadership on organizational commitment. The sample of the research are 90 civil servants in Wangaya General Hospital as the respondents. In this study questionares are used as instuments of the research. Descriptive and inferential analysis were applied as method of analysis and Structural Equation Model-Partial Least Square (SEM-PLS) as a tool. The result is that servant leadership does not have any significant effect on employees performance, servant leadership has a positive and significant effect on organizational commitment, organizational commitment has positive and significant effect on employee performance, and the impact on servant leadership and employee performance through the role of organizational commitment as mediating variable is supported.

Download Full-text

How Creative Destruction Functions in Corporate Entrepreneurial Process: An Empirical Investigation of Schumpeterian Concept in Engineering Firms Setting in Pakistan

10.21203/rs.3.rs-311356/v1 ◽

2021 ◽

Author(s):

Muhammad Zubair Alam ◽

Shazia Kousar ◽

Muhammad Rizwan Ullah ◽

Amber Pervaiz

Keyword(s):

Structural Equation ◽

Corporate Entrepreneurship ◽

Creative Destruction ◽

Positive Influence ◽

Opportunity Recognition ◽

Partial Least Square ◽

Least Square ◽

Equation Modeling ◽

Engineering Firms ◽

The Impact

Abstract Schumpeter's idea of creative destruction (CD) explains innovation functions in organisations. This paper investigates the CD concept in engineering firms by explaining how technical opportunity (TO) transforms into corporate entrepreneurship (CE) actions once opportunities have a market orientation (MO). A survey conducted using a structured questionnaire with 132 managers in engineering firms in Pakistan. Structural Equation Modeling (SEM) using Partial Least Square (PLS) approach has been used to analyse the data. Results reveal that MO and TO exerts a positive influence on CE. MO is the reason for the emergence of TO, which is exploited by CE's in engineering firms. CD intensifies the impact of MO on TO significantly. Opportunity recognition in engineering firms is distinguished and bounded by MO and technical viability. Engineering firms need to identify gaps in the market through naturally occurring obsolescence of products and services (CD) to create TO with appropriate MO. This study has revived a classical debate over opportunity recognition by proposing a CE model by incorporating external factors. The Schumpeterian opportunity recognition process and CD have been explained for engineering firms that are distinguished from other types of firms. Kirznerian opportunity recognition view has also been debated to dialect Schumpeterian view.

Download Full-text

DAMPAK IKLIM ORGANISASI TERHADAP STRES KERJA DAN KINERJA KARYAWAN

Jurnal Manajemen ◽

10.24912/jm.v20i1.69 ◽

2017 ◽

Vol 20 (1) ◽

pp. 121 ◽

Cited By ~ 1

Author(s):

Muhammad Rasyid Abdillah ◽

Rizqa Anita ◽

Rita Anugerah

Keyword(s):

Structural Equation Modeling ◽

Organizational Climate ◽

Job Stress ◽

Structural Equation ◽

Employee Performance ◽

Partial Least Square ◽

Least Square ◽

Equation Modeling ◽

Head Office ◽

The Impact

Penelitian ini bertujuan untuk menguji dampak iklim organisasi terhadap stres kerja dan kinerja karyawan. Data yang digunakan dalam penelitian ini adalah data primer dalam bentuk kuesioner dimana subjek penelitiannya adalah para 45 karyawan PT. Adei Plantation & Industry Head Office Pekanbaru Riau. Pengujian hipotesis menggunakan Structural Equation Modeling Partial Least Square. Hasil penelitian menunjukkan bahwa iklim organisasi berpengaruh terhadap stres kerja dan kinerja karyawan. Selain itu, hasil ini juga menunjukkan bahwa pengaruh iklim organisasi terhadap kinerja karyawan adalah pengaruh tidak langsung melalui stres kerja.This study aims to examine the impact of organizational climate on job stress and employee performance. The data used in this study was primary data in the form of a questionnaire in which the research subjects are 45 employees of PT. Adei Plantation & Industry Head Office Pekanbaru Riau. To test the hypothesis using Structural Equation Modeling Partial Least Square. The result suggest that organizational climate influence on job stress and employee performance. In addition, result also suggest that the effect of organizational climate on employee performance is indirect influence through job stress.

Download Full-text

THE IMPACT OF PERSONAL PRODUCTIVITY DUE TO THE ATTACKS OF CORONAVIRUS DISEASE 2019: USING PARTIAL LEAST STRUCTURAL EQUATION MODEL

Innovare Journal of Health Sciences ◽

10.22159/ijhs.2020.v8i6.38327 ◽

2020 ◽

pp. 1-4

Author(s):

SHEKH ABDULLAH-AL-MUSA AHMED ◽

NIK ZULKARNAEN BIN KHIDZIR ◽

SHIRIN AFROZ

Keyword(s):

Structural Equation ◽

Influence Factor ◽

Equation Model ◽

Partial Least Square ◽

Least Square ◽

Equation Modeling ◽

Dependent Variables ◽

Independent Variable ◽

Personal Productivity ◽

The Impact

Global coronavirus disease 2019 (COVID-19) is an infectious disease caused by severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The disease was first identified in December 2019 in Wuhan, the capital of China’s Hubei Province, and has since spread globally, resulting in the ongoing 2019–2020 coronavirus pandemic that has an impact which would be disturbed the personal productivity in the community. The dependent variable which is threat of COVID-19 (Thr_Cov-19), vulnerability of COVID-19 (Vul_Cov-19), and the unexpected change in society factors and one independent variable that is personal disturbance factors is used in this paper. Moreover, using as an indicator which will determine disturbance of personal productivity (D_PP) in the society. Since multiple regression by partial least square-structural equation modeling is used to examined of data by following unstructured method. Moreover, the resulting point out three dependent variables significantly influences on the independent variable of personal productivity in the society. As a matter of fact, this study concludes the foremost influence factor on D_PP in society due to COVID-19 risk factors such as Thr_Cov-19, Vul_Cov-19, and unexpected changed in the society factors. This study contributes to introductory study but vibrant understanding in stimulating the prediction of personal productivity in the society due to the COVID-19 attacks.

Download Full-text