Information Security Policy Compliance: Systematic Literature Review

The growth of research in information technology security has enlarged in recent years. Investigations in Information security besides discussing technical problems but also consider policies, behavior and user compliance issues. Therefore, a systematic review is needed to inform the development of research in compliance with information security policies. This literature review aims to find the challenges and explore the current state-of-the art of information security policy compliance. We identified 305 research papers published on topics of information security policy compliance between 2014 and 2019 and extract 53 documents from discussing with inclusion and exclusion criteria. This literature review found there is a lack of study about an evaluation of information security policy compliance using specific metric and need to enhance the model of information security policy compliance with organizational theories. (C) 2019 The Authors. Published by Elsevier B.V.