NotesFAQContact Us
Search Tips
ERIC Number: ED554840
Record Type: Non-Journal
Publication Date: 2013
Pages: 172
Abstractor: As Provided
Reference Count: N/A
ISBN: 978-1-3032-1835-4
A Study on Corporate Security Awareness and Compliance Behavior Intent
Clark, Christine Y.
ProQuest LLC, D.P.S. Dissertation, Pace University
Understanding the drivers to encourage employees' security compliance behavior is increasingly important in today's highly networked environment to protect computer and information assets of the company. The traditional approach for corporations to implement technology-based controls, to prevent security breaches is no longer sufficient. Companies must rely on their staff to make sensible decisions while executing security tasks. Effective information security protection requires the proper balance among technology, policies, processes, and people to mitigate the risks. This research investigated the effect of awareness exposure on antecedences to compliance behavior intent in the corporate environment. A four-month security awareness campaign was implemented as a part of the action research and empirical data was collected to measure the effectiveness of the campaign based on a research model of security compliance behavior intent. The analysis of the data indicated that the campaign was effective in improving four research constructs, compliance knowledge of security policies, perceived vulnerability in security, attitudes towards security compliance, and self-efficacy of security policy. The data indicated that one type of campaign event, informal Q & A, was the most effective because it provided the opportunity to directly interacting with the employees to address their questions and concerns. The path analysis of the research model indicated that attitudes towards security compliance is the most significant construct in the model to influence employees' intent to comply and perceived vulnerability is the most significant impact on the attitude. This research also demonstrated awareness exposure had moderate effects on security compliance and could be used to positively influence attitudes towards security compliance and intent to comply with security policy. These insights help substantiate organizational investment for future security awareness programs and enable corporations to effectively protect company information assets by utilizing employees who are highly knowledgeable in security policies and highly motivated to perform security procedures. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page:]
ProQuest LLC. 789 East Eisenhower Parkway, P.O. Box 1346, Ann Arbor, MI 48106. Tel: 800-521-0600; Web site:
Publication Type: Dissertations/Theses - Doctoral Dissertations
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A