Integrating outcome oriented policy in information security policies: An examination of security perceptions, motivations, and intentions

Document Type


Publication Date



With security breaches occurring regularly, organizations must employ strong security countermeasures to protect private, valuable information. Organizational insiders pose a major threat to the security of organizations by direct and intentional misuse of information assets and by the careless and negligent use of information. Developing strong information security policy (ISP) is important to thwarting insider security threats. To date, behavioral information security research has primarily examined ISP from a procedural viewpoint. Outcome-oriented security policy is understudied, but may allow for greater self-determination that motivates stronger security behavior. This research-in-progress proposes a study of security policy to determine how the inclusion of outcome-oriented security policy influences insiders’ motivations to improve security efforts and intentions to follow procedural security policy. An experiment is proposed to test the hypotheses.

Publisher's Statement

© 2017 Publisher's version of record: https://ifip.byu.edu/ifip2017.html

Publication Title

Dewald Roode Workshop