Integrating outcome oriented policy in information security policies: An examination of security perceptions, motivations, and intentions
With security breaches occurring regularly, organizations must employ strong security countermeasures to protect private, valuable information. Organizational insiders pose a major threat to the security of organizations by direct and intentional misuse of information assets and by the careless and negligent use of information. Developing strong information security policy (ISP) is important to thwarting insider security threats. To date, behavioral information security research has primarily examined ISP from a procedural viewpoint. Outcome-oriented security policy is understudied, but may allow for greater self-determination that motivates stronger security behavior. This research-in-progress proposes a study of security policy to determine how the inclusion of outcome-oriented security policy influences insiders’ motivations to improve security efforts and intentions to follow procedural security policy. An experiment is proposed to test the hypotheses.
Dewald Roode Workshop
Wall, J. D.,
Buche, M. W.
Integrating outcome oriented policy in information security policies: An examination of security perceptions, motivations, and intentions.
Dewald Roode Workshop.
Retrieved from: https://digitalcommons.mtu.edu/business-fp/418