Organisational Security Culture and Information Security Compliance for E-Government Development: The Moderating Effect of Social Pressure

Rapid development of e-government has exposed critical public information to the possibility of cybercrime. Information security has become a critical issue that needs to be adequately addressed in egovernment development. This paper develops an information security compliance model by drawing insights from organizational and institutional theory literature to examine how organizational security culture influences information security compliance in public organizations for e-government development. It also investigates the role of social pressure in moderating the relationship between information security culture and information security compliance. The study explores three specific dimensions of information security culture: management commitments, accountability and information security awareness. The result of a hierarchical regression analysis indicates that management commitments, accountability, information security awareness, and social pressure have a significant positive impact on information security compliance in public organizations. The moderating role of social pressure, however, is only significant in augmenting the relationship between accountability and information security compliance. This study contributes to the information security compliance research by highlighting the criticality of establishing an information security culture within public organisations to promote information security compliance.