Employees' intentions toward complying with information security controls in Saudi Arabia's public organisations

Publication Name

Government Information Quarterly

Abstract

Ensuring employees' compliance with information security controls is a major challenge experienced by the management of information security in organisations. While the investment in information security has been increased recently, many organisations around the world have failed to avoid security threats and data breaches because of noncompliant employees. This study proposes a model to explore employees' differences and identifies the factors that can shape their perceptions and intentions toward compliance. The model was examined and validated in a Saudi Arabian government organisation using partial least square structural equation modelling. The results of this study support the validity of the research model and disclose the factors that have a significant influence on employees' intentions toward compliance, particularly in Saudi Arabia's public organisations. To the best of our knowledge, this is the first study to investigate employees' perceptions and intentions toward complying with information security controls in public organisations across all regions of Saudi Arabia. The study contributes to the information security management domain in terms of the model's validity, which can be used to explore the influence of the identified factors on employees' perceptions and intentions toward complying with information security controls in different cultural and environmental contexts.

Article Number

101721

Funding Sponsor

Australian Research Council

Share

COinS
 

Link to publisher version (DOI)

http://dx.doi.org/10.1016/j.giq.2022.101721