Journal
INFORMATION AND COMPUTER SECURITY
Volume 23, Issue 2, Pages 200-217Publisher
EMERALD GROUP PUBLISHING LTD
DOI: 10.1108/ICS-04-2014-0025
Keywords
Theory of planned behavior; Information security; Anticipated regret; Policy compliance; Protection motivation theory
Categories
Funding
- Swedish Civil Contingencies Agency (MSB)
Ask authors/readers for more resources
Purpose - This paper aims to challenge the assumption that the theory of planned behaviour (TPB) includes all constructs that explain information security policy compliance and investigates if anticipated regret or constructs from the protection motivation theory add explanatory power. The TPB is an established theory that has been found to predict compliance with information security policies well. Design/methodology/approach - Responses from 306 respondents at a research organization were collected using a questionnaire-based survey. Extensions in terms of anticipated regret and constructs drawn from the protection motivation theory are tested using hierarchical regression analysis. Findings - Adding anticipated regret and the threat appraisal process results in improvements of the predictions of intentions. The improvements are of sufficient magnitude to warrant adjustments of the model of the TPB when it is used in the area of information security policy compliance. Originality/value - This study is the first test of anticipated regret as a predictor of information security policy compliance and the first to assess its influence in relation to the TPB and the protection motivation theory.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available