This paper offers a new perspective on the effectiveness of sanctions in influencing information security policy compliance. We observe compliance from a group perspective to identify undeterrable employees who comply based on inner conviction and deterrable employees who comply because of external coercion. Drawing upon survey data, we show that multilevel sanctions (i.e., formal, social, and personal sanctions) have a varying impact on the compliance of inclined and disinclined employees. We also find that multilevel sanction perceptions are differently influenced by information security policy awareness. This group-based deterrability perspective opens up new avenues to study the value of sanctions.

本文为制裁在影响信息安全政策合规性方面的有效性提供了新的视角。我们从团队的角度观察合规性，以根据内在信念确定应遵守的不动产雇员，以及由于外部胁迫而合规的不合要求的雇员。根据调查数据，我们显示出多层次的制裁（即正式，社会和个人制裁）对倾斜和不愿服从的员工的合规性有不同的影响。我们还发现，多层次制裁的感知受到信息安全政策意识的不同影响。这种基于群体的可破坏性观点为研究制裁的价值开辟了新途径。