EVALUATION OF THE INTENTS OF NONCOMPLIANCE WITH THE ORGANIZATIONAL INFORMATION SYSTEMS SECURITY POLICY

Description

The thought of information systems refers to the most important commodity in business management, information. Nothing can be done in organizational management without information. Any systems put in place that handles information must be set up to secure that information effectively. An information system includes hardware, software, and the people operating the system. Hardware and software are programmed and set up to meet users’ expectations. The third component, individuals, cannot be programmed or set up to operate automatically. Securing information involves effective management performance of hardware, software, and the people involved. The main component of the system is human. Humans operate hardware and software, apply policies, and develop intelligence to ensure the smooth and effective functioning of the system. This study conducted in 2018 focused on security policies compliance awareness and commitment. It surveyed 280 participants to test the relationship between the members’ intents of non-compliance with Information Systems Security Policies (ISSP), the deterrence controls, and the social bonds and social pressure controls.