Review of IS security policy compliance

LAUR Repository

dc.contributor.author Balozian, Puzant
dc.contributor.author Leidner, Dorothy
dc.date.accessioned 2017-09-07T09:55:32Z
dc.date.available 2017-09-07T09:55:32Z
dc.date.copyright 2017 en_US
dc.date.issued 2017-09-07
dc.identifier.issn 1532-0936 en_US
dc.identifier.uri http://hdl.handle.net/10725/6154 en_US
dc.description.abstract An understanding of insider threats in information systems (IS) is important to help address one of the dangers lurking within organizations. This article provides a review of the literature on insider compliance (and failure of compliance) with information systems' policies in order to understand the status of IS research regarding negligent and malicious insiders. We begin by defining the terms, developing a new taxonomy of insiders, and then providing a comprehensive review of articles on IS policy compliance for the past 26 years. Grounding the analysis in the literature, we inductively identify four themes to foster Information Security policy compliance among employees. The themes are: 1) IS management philosophy, 2) procedural countermeasures, 3) technical countermeasures, and 4) environmental countermeasures. We propose that future research can draw upon these themes and use them as the building blocks of an indigenous IS security theory. en_US
dc.language.iso en en_US
dc.title Review of IS security policy compliance en_US
dc.type Article en_US
dc.description.version Published en_US
dc.title.subtitle toward the building blocks of an IS security theory en_US
dc.author.school SOB en_US
dc.author.idnumber 200105333 en_US
dc.author.department Department of Information Technology and Operations Management (ITOM) en_US
dc.description.embargo N/A en_US
dc.relation.journal The Data Base for Advances in Information Systems en_US
dc.journal.volume 48 en_US
dc.journal.issue 3 en_US
dc.article.pages 11-43 en_US
dc.keywords Insider threat en_US
dc.keywords Information systems security en_US
dc.keywords Review en_US
dc.keywords Compliance en_US
dc.keywords Noncompliance information systems security policy en_US
dc.identifier.doi http://dx.doi.org/10.1145/3130515.3130518 en_US
dc.identifier.ctation Balozian, P., & Leidner, D. (2017). Review of IS security policy compliance: Toward the building blocks of an IS security theory. ACM SIGMIS Database: the DATABASE for Advances in Information Systems, 48(3), 11-43. en_US
dc.author.email puzant.balozian@lau.edu.lb en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url http://dl.acm.org/citation.cfm?id=3130518 en_US
dc.orcid.id https://orcid.org/0000-0002-8410-1188 en_US
dc.author.affiliation Lebanese American University en_US
