The influence of organisational culture and information security culture on employee compliance behaviour,Journal of Enterprise Information Management

当前位置： X-MOL 学术 › Journal of Enterprise Information Management › 论文详情

Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)

The influence of organisational culture and information security culture on employee compliance behaviour
Journal of Enterprise Information Management ( IF 5.661 ) Pub Date : 2020-10-07 , DOI: 10.1108/jeim-08-2019-0217
Grant Solomon , Irwin Brown

Purpose

Organisational culture plays an important role in influencing employee compliance with information security policies. Creating a subculture of information security can assist in facilitating compliance. The purpose of this paper is to explain the nature of the combined influence of organisational culture and information security culture on employee information security compliance. This study also aims to explain the influence of organisational culture on information security culture.

Design/methodology/approach

A theoretical model was developed showing the relationships between organisational culture, information security culture and employee compliance. Using an online survey, data was collected from a sample of individuals who work in organisations having information security policies. The data was analysed with Partial Least Square Structural Equation Modelling (PLS-SEM) to test the model.

Findings

Organisational culture and information security culture have significant, yet similar influences on employee compliance. In addition, organisational culture has a strong causal influence on information security culture.

Practical implications

Control-oriented organisational cultures are conducive to information security compliant behaviour. For an information security subculture to be effectively embedded in an organisation's culture, the dominant organisational culture would have to be considered first.

Originality/value

This research provides empirical evidence that information security subculture is influenced by organisational culture. Compliance is best explained by their joint influence.

中文翻译：