Quality and fairness of an information security policy as antecedents of employees’ security engagement in the workplace: An empirical investigation

This paper investigates the impact of the characteristics of information security policy (ISP) on an employee’s security compliance in the workplace. Two factors were proposed as the antecedents of employees’ security compliance: ISP Fairness and ISP Quality. ISP Quality is comprised of three quality dimensions–Clarity, Completeness, and Consistency. It is shown that ISP fairness has a strong positive effect on an employee’s ISP Compliance. In addition, it is found that ISP quality does not only have a strong positive influence on an employee’s ISP compliance but also have a strong influence on an employee’s perceived ISP fairness. This study contributes to the literature by highlighting the importance of ISP characteristics; namely, ISP quality and ISP fairness as an organizational resource to enhance an organization’s information security.