Evaluation of the Intents of Noncompliance with the Organizational Information Systems Security Policy

Evaluation of the Intents of Noncompliance with the Organizational Information Systems Security Policy

Author: 
Antoinette Song
Program of study: 
D.M./IST
Abstract: 
Information systems security breaches in the USA are aggravated by the lack of steadfastness displayed by organizations' insiders. That lack of dedication often leads to careless behavior linked to the development of intents of non-compliance with organization rule, regulations, and policy, especially in the area of information systems security. This multiple regression research aimed to evaluate any potential relationship between the organization insiders' non-compliance intents with information systems security policy (ISSP) in the United States of America, and the formal and informal controls. The Cheng et al. (2013) theoretical model was used as a platform for this study. The study surveyed 280 participants to test the relationship between the members' intents of non-compliance with ISSP, the deterrence controls, and the social bonds and social pressure controls. The deterrence controls comprised sanctions perceived certainty and sanctions perceived severity. The social bond controls comprised attachment, commitment, involvement, and belief. The social pressure controls included subjective norms and peer behavior. A multiple regression analysis established a significant relationship between the dependent variable (DV) the intents of non-compliance with ISSP and the independent variable (IVs) including perceived certainty, attachment to the organization, commitment, belief, subjective norms, and peer behavior. Conversely, no significant relationship was established with the attachment to the immediate supervisor, to the job, to peers, or to the involvement. This research suggests that leaders should consistently evaluate their team members' intents toward ISSP. Leaders should utilize this evaluation to design a contributive cooperation platform for effective IS strategies and ISSP.
Dedication: 
This dissertation is dedicated to my husband; Isaac Song, who encouraged and supported me throughout this program. It is also dedicated to organizational leaders who have to deal with information systems security breaches and unprecedented challenges and struggle to keep their business information safe.
Acknowledgements: 
I would like first to thank my Lord Jesus Christ for granting me the will, strength, and commitment I needed to complete this project. I also want to recognize my husband, Isaac Song, for motivating, encouraging, and supporting me all along; and putting up with my moments of frustration and discouragement. I want to express my profound gratitude to my mentor, Dr. C Augusto Casas, for an outstanding mentorship, and the committee members, Dr. John Avella and Dr. Carla Lane-Johnson, for their feedback, support, and encouragement during this process. I would not forget Dr. Margaret Garberina, who had to step down from the committee because of health challenges. I sincerely appreciate and acknowledge Dr. Diane Gavin, my DOC/733B instructor. I am particularly grateful for her remarkable input in the orientation of my research methodology design. I finally want to thank Dr. Wenli Li from the Dalian University of Technology in China, for permitting me to use the Scenario-Based Survey.