Information Security Policy Perceived Compliance Among Staff in Palestine Universities: An Empirical Pilot Study
Title | Information Security Policy Perceived Compliance Among Staff in Palestine Universities: An Empirical Pilot Study |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Iriqat, Yousef Mohammad, Ahlan, Abd Rahman, Molok, Nurul Nuha Abdul |
Conference Name | 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT) |
Keywords | appraisal, Bibliographies, Collaboration, Communications technology, compliance behaviour, data collection method, Educational institutions, employees, General Deterrence Theory, government policies, Human Behavior, human factors, information reinforcement theory, Information security, information security policy, Information Security Policy Awareness, information security risks mitigation, insider threat, Instruments, ISP, Least squares approximations, Mathematical model, Metrics, organisational aspects, Palestine university staffs, partial least squares structural equation modelling, Personnel, planned behaviour theory, PLS-SEM, policy-based governance, protection motivation theory, pubcrawl, resilience, Resiliency, security of data, Security Policies Analysis, statistical analysis |
Abstract | In today's interconnected world, universities recognize the importance of protecting their information assets from internal and external threats. Being the possible insider threats to Information Security, employees are often coined as the weakest link. Both employees and organizations should be aware of this raising challenge. Understanding staff perception of compliance behaviour is critical for universities wanting to leverage their staff capabilities to mitigate Information Security risks. Therefore, this research seeks to get insights into staff perception based on factors adopted from several theories by using proposed constructs i.e. "perceived" practices/policies and "perceived" intention to comply. Drawing from the General Deterrence Theory, Protection Motivation Theory, Theory of Planned Behaviour and Information Reinforcement, within the context of Palestine universities, this paper integrates staff awareness of Information Security Policies (ISP) countermeasures as antecedents to ``perceived'' influencing factors (perceived sanctions, perceived rewards, perceived coping appraisal, and perceived information reinforcement). The empirical study is designed to follow a quantitative research approaches, use survey as a data collection method and questionnaires as the research instruments. Partial least squares structural equation modelling is used to inspect the reliability and validity of the measurement model and hypotheses testing for the structural model. The research covers ISP awareness among staff and seeks to assert that information security is the responsibility of all academic and administrative staff from all departments. Overall, our pilot study findings seem promising, and we found strong support for our theoretical model. |
URL | https://ieeexplore.ieee.org/document/8717438 |
DOI | 10.1109/JEEIT.2019.8717438 |
Citation Key | iriqat_information_2019 |
- planned behaviour theory
- Instruments
- ISP
- Least squares approximations
- Mathematical model
- Metrics
- organisational aspects
- Palestine university staffs
- partial least squares structural equation modelling
- Personnel
- insider threat
- PLS-SEM
- policy-based governance
- protection motivation theory
- pubcrawl
- resilience
- Resiliency
- security of data
- statistical analysis
- General Deterrence Theory
- appraisal
- Bibliographies
- collaboration
- Communications technology
- compliance behaviour
- data collection method
- Educational institutions
- employees
- Security Policies Analysis
- government policies
- Human behavior
- Human Factors
- information reinforcement theory
- information security
- information security policy
- Information Security Policy Awareness
- information security risks mitigation