Measuring employees’ compliance: The importance of value pluralism
(English)In: Information and Computer Security, ISSN 1434-5250, E-ISSN 2220-3796Article in journal (Refereed) Accepted
Employees’ information security policy compliance has made it to the top of many managers’ priority lists. It has also become an important research topic. However, measuring compliance is a challenging task, both in research and in practice. Although it has been long acknowledged that organisations include multiple organisational imperatives and value systems, value pluralism has not been paid systematic attention in existing research. Against this background this article set out to investigate two different types of compliance measures. The first measure is a value-monistic compliance measure, while the second is a value-pluralistic measure, introducing competing organisational imperatives. Our results show that value pluralism has an influence on employees’ compliance with information security policies. We therefore propose a guideline: ensure that relevant organisational imperatives and value systems, along with information security values, are included in the measures for employees’ information security policy compliance.
Information security policy compliance, value pluralism, field surveys, context relevance
Information Systems Political Science
Research subject Informatics
IdentifiersURN: urn:nbn:se:oru:diva-56342OAI: oai:DiVA.org:oru-56342DiVA: diva2:1081771