Information Security Policy Compliance: The Role of Information Security Awareness

Compliance and systems misuse has been the focus of researchers in the last couple of years. However, given that voids in this area is still significant and systems abuse is a pressing issue likely to persist in the future, more investigation is needed in this area. Toward this end, we conducted a research study to help understand factors motivating compliance behavior intentions. Drawing on Theory of Planned Behavior, we investigated the role of users’ self-learning and knowledge of security issues in shaping their attitudes toward compliance with information security policies (ISPs). We collected data from nine financial organizations to test the proposed research model. Results show that employees’ previous knowledge of security issues and technologies have significant positive impact on their attitudes toward compliance with ISPs. This study sheds light on the importance of users’ general awareness of security issues and technologies in shaping their attitudes to comply with ISPs.