Select Page
Journal article | Research library
|

Variables influencing information security policy compliance: A systematic review of quantitative studies

Johan Bengtsson | Jonas Hallberg | Kristoffer Lundholm | Teodor Sommestad
https://doi.org/10.1108/IMCS-08-2012-0045

This paper aims to pinpoint the variables that impact compliance with organizational information security policies and to determine their significance. A systematic review of empirical studies from existing literature was conducted, with the variables investigated in these studies and their reported effect sizes being extracted and analyzed. Over 60 variables related to security policy compliance and non-compliance were studied across 29 studies. However, no single variable or originating theory stands out as a clear determinant of compliance behavior. Each variable only accounts for a small portion of the variation in people’s behavior, and when a variable has been studied multiple times, the findings often display significant variation.

You May Also Like