Affecting factors in information security policy compliance: Combine organisational factors and user habits

Abstract

Information security policy compliance is one concern of organisations to improve information security, including universities. Previous research has shown that factors that influence user compliance can come from user behaviour and from within the organisation. This study aims to explore the factors of organisation and user habits that affect user compliance with information security policies. The research model proposed used organisational commitment, organisational culture, reward, and habit variables—this research conducted with a case study of public universities in Indonesia by using an online survey. The results indicated that the factors derived from organisational commitment established a positive influence on the user’s respectful behaviour. The insignificant organisational culture and reward affected information security policies. User habits also influenced user behaviour in maintaining information security.