• The Journal of Information Systems
• /
• v.25 no.2
• /
• pp.51-77
• /
• 2016

Purpose Organizations invest significant portions of their budgets in fortifying information security. Nevertheless, the security threats by employees are still at large. We discuss methods to reduce security threats that are posed by employees in organization. This study finds antecedent factors that increases or decreases employee's compliance intention. Also, the study suggests organizations' security environmental factors which influences the antecedent factors of compliance intention. Design/methodology/approach The structural equation model is then applied in order to verify this research model and hypothesis. Data were collected on 415 employees working in organizations with an implemented information security policy in South Korea. We analyzed the fitness and validity of the research model via confirmatory factor analysis in order to verify the research hypothesis, then we analyzed structural model, and derived the result. Findings The result shows that organizational commitment and peer behavior increase security compliance intention of employees, while security system anxiety decreases compliance intention. And, organization's physical security system and security communication both have influence on antecedent factors for information security compliance of employees. Our findings help organizations to establish information security strategies that enhance employee security compliance intention.

• The Journal of Information Systems
• /
• v.27 no.4
• /
• pp.97-114
• /
• 2018

Purpose Compliance support system (CSS) aims to support employees' voluntary compliance activities, however, it requires a different approach from the acceptance of other general information systems. In other words, the user's concern that his/her compliance activities recorded in the system are monitored may hinder the active use of the system. In this regard, we set up a research model to investigate the factors that affect the intention to use CSS, by including perceived usefulness, compliance commitment, and surveillance concern. Design/methodology/approach A questionnaire survey was conducted for the employees of a domestic oil-company, who operates their own CSS. Based on the 865 data collected, a structural model analysis using PLS was conducted. As a result, all four hypotheses were accepted. It was found that perceived usefulness of CSS has a positive effect on the intention to use CSS. Compliance commitment has a positive effect both on perceived usefulness and intention to use CSS. In contrast, surveillance concern of one's non-compliance recorded in the CSS was shown to have a negative effect on the relationship between compliance commitment and perceived usefulness. Findings This study has academic implications in that it extends the viewpoint of the existing technology acceptance mechanism by examining the two aspects, i.e., compliance commitment and surveillance concern. This study may also provide practical directions to strengthen the use of the active compliance support system by the employees.

• The Journal of Society for e-Business Studies
• /
• v.21 no.4
• /
• pp.95-117
• /
• 2016

Entering aging society and increasing individual's interests on wellbeing lead to increasing demands of healthcare service and various healthcare related applications are providedon app market or Internet. These healthcare services could enhance user's health status if the users continuously use the service. In order to enhance effectiveness of a healthcare service, the service user should comply with recommendations or directions are provided by the service. However, previous studies of healthcare service are not considered effects of compliance intention on continuous usage. Hence, we tested how user's compliance intention effect on continuous usage intention of healthcare service based on theories of information system and medical information. Moreover, we found that compliance intention of users for healthcare service is an important factor on sustainability of healthcare service. Additionally, we investigated what factors are related with user's compliance intention.

• Journal of the Korea Convergence Society
• /
• v.11 no.9
• /
• pp.229-242
• /
• 2020

The purpose of this study is to present the environmental factors of positive and negative aspects that affect the information security compliance intention, and reveals the relationship of the individual's the security compliance intention. The subjects of this study are employees of organizations that apply information security policies and technologies, and effective samples were obtained through surveys. In the process of analysis, the study model was verified through structural equation modeling. The measurement variables consisted of security policy, security system, technical support, work impediment, security non-visibility, compliance intention and organizational commitment and used for analysis. The results confirmed that security compliance factors such as policy, system, technical support, and non-compliance factors, work impediment, respectively, had an impact on organizational commitment, leading to compliance intention. The verification result of the research model suggests the direction of establishing a security compliance strategy for employees to improve the level of information security compliance of the organization.

• Korean Journal of Community Nutrition
• /
• v.5 no.1
• /
• pp.36-49
• /
• 2000

The purpose of the study was to find the sociopsychological factors predicting the intention of compliance with the dietary regimen in diabetes with a questionnaire. Data were collected from 282 adult noninsulin-dependent diabetics in Seoul, Kyoggida, and Kyongsangbukdo in Korea. Stepwise multiple regression analysis was conducted with predictor variables from theories of the Health Belief Model, Social Cognitive Model, The Theory of Reasoned Action , and Social Support. The behavioral intention of compliance with the prescribed diet was the independent variable. Subjects norm self-efficacy knowledge about diet therapy, outcome expectation, relationship with medical team, threat of deterioration of disease, and social support were the independent variables, The mean score of behavior intention was high ie 35.3 out to 42. Subjective norm and self-efficacy were the significant variables to predict the intention of dietary compliance. These variables comprised 39% of the common variance. To increase dietary compliance by influence of the referents and improve self-efficacy significant referents must be included and concrete and practical methods to follow the dietary regimen must be provided in nutrition education.

• Journal of Information Technology Applications and Management
• /
• v.22 no.2
• /
• pp.171-199
• /
• 2015

This study proposes the practical information security measures that help IT personnel of banks comply the information security policy. The research model of the study is composed of independent variables (clarity and comprehensiveness of policy, penalty, dedicated security organization, audit, training and education program, and top management support), a dependent variable (information security policy compliance intention), and moderating variables (age and gender). Analyses results show that the information security measures except 'clarity of policy' and 'training and education program' are proven to affect the 'information security policy compliance intention.' In case of moderating variables, age moderated the relationship between top management support and compliance intention, but gender does not show any moderating effect at all. This study analyzes information security measures based solely on the perception of the respondents. Future study may introduce more objective measurement methods such as systematically analyzing the contents of the information security measures instead of asking the respondents' perception. In addition, this study analyzes intention of employees rather than the actual behavior. Future research may analyze the relationship between intention and actual behavior and the factors affecting the relationship.

• The Journal of Information Systems
• /
• v.29 no.1
• /
• pp.23-50
• /
• 2020

Purpose As information management grows in importance around the world, organizations are investing in information security technology. However, the higher the level of information security technology in an organization, the higher the techno-stress of employees. The purpose of this study is to suggest stress factors related to information security technology that affect the reduction of employees' intention to comply with information security and to suggest ways to alleviate stress. Design/methodology/approach The research presented a model for mitigating technical stress related to information security based on technical stress theory and person-organization fit theory. 346 questionnaire data were analyzed from the members of the organization who applied the information security technology, and the research hypothesis was verified through the structural equation modeling. Findings The hypothesis test confirms that security-related techno-stress reduces the information security compliance intention of employees, organizational technical support mitigates technical stress, and person-organization fitness mitigates the negative relationship between techno-stress and compliance intention. The results of the study contribute to the organization's strategy for minimizing the reduction of the information security compliance intention of employees, and are meaningful in that the theoretical basis for mitigating techno-stress is provided in the field of information security.

• Journal of the Korean Society of Industry Convergence
• /
• v.24 no.4_2
• /
• pp.421-434
• /
• 2021

The expansion of information sharing activities using online can increase the threat of information exposure by increasing the diversity of approaches to information within an organization. The purpose of this study is to present conditions for improving the information security compliance intention of insiders to improve the level of information security within the organization. In detail, the study applies the theory of planned behavior that clearly explains the cause of an individual's behavior and proposes a way to increase the compliance intention by integrating the social control theory and goal-setting theory. The study presented research models and hypotheses based on previous studies, collected samples by applying a questionnaire technique, and tested hypotheses through structural equation modeling. As a result, information security attitude, subjective norms, and self-efficacy had a positive influence on the intention to comply. Also, attachment, commitment, and involvement, which are the factors of social control theory, formed a positive attitude toward information security. Goal difficulty and goal specificity, which are the factors of goal setting theory, formed a positive self-efficacy. The study presents academic and practical implications in terms of suggesting a method of improving the information security compliance intention of employees.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.23-35
• /
• 2012

The goal of this study is to identify factors that influence on the persistent information security compliance intention of employees. Antecedents suggested in research model are security awareness training and perceived effectiveness of information security policy. Research results show that security awareness training has a positive effect on persistent information security compliance intention as well as effectiveness of information security policy. While policy breadth, which is one of the effectiveness of information security policy, influences on persistent information security compliance attitude and intention, policy brevity does not effect on persistent information security compliance intention. Conclusions and implications are discussed.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.3
• /
• pp.23-39
• /
• 2021

Investment of organization in information security is increasing, but information security threats within the organization are not decreasing. The purpose of this study is to suggest a direction to increase the information security compliance intention of employees. In detail, the study presents the positive effects of security motivation and organization trust on the information security compliance intention, and presents the moderating effect of work promotion focus. Research model and hypothesis verification are confirmed through structural equation modeling and the study conducted a questionnaire technique to the employees of the organization applying the information security policy for quantitative verification. As a result, information security punishment and value congruence had a positive affect on the compliance intention by mediating organization trust. In addition, work promotion focus had a moderating effect on the positive relationship between the precedent factors on the compliance intention. The research has academic and practical implications from the viewpoint of presenting the factors of the organization's efforts to improve the level of information security compliance by insiders.