Information security policy compliance: An exploration of user behaviour and organizational factors

Abstract

Organizations are adopting security policies to protect critical information, despite the fact that IT users frequently violate these standards. Numerous factors affecting user compliance have been identified in previous research, but few research findings have addressed human and organizational factors. The purpose of this study is to ascertain the human and organizational factors that influence user adherence to policies. The variables examined included leadership, organizational commitment, rewards, awareness, behavioral intentions, and habits, all of which were gender-related. This is a quantitative study that includes offline and online surveys of university users in Indonesia. The findings indicated that the awareness variable had the greatest effect, while the reward variable had no effect. This research is expected to contribute to an understanding of how to comply with information security policies.