How employees intend to continue complying with information systems’ security policies : insights from information systems’ continuance model

Abed, Javad
Nowadays Information Systems (IS) are crucial for the survival of the modern organizations since they usually hold critical and valuable organizational data. Because of the potential threats like misuse, theft and destruction of the important data, It is obvious that organizations have to use several methods to keep their IS assets safe. In other words, the modern organizations should have a well-established IS security policy to address security issues. As employees are the weakest link in the security chain, having well-established security policies is not enough for solving security problems completely. They should also utilize proper methods for ensuring the employees’ compliance with security policies. So investigating the employees’ compliance behavior is important issue for IS security management success. Several researchers have studied the compliance behavior by using different conceptual models including technology acceptance model (TAM), theory of planned behavior (TPB), deterrence, neutralization and etc. However, there is no study for investigating continuance of the security compliance. It is very important for organizations that employees comply with IS security policies and continue complying. This study aims to fill this gap on IS security research and to probe the important factors that lead employees to have continuous security compliance behavior by using IS continuance model. The analysis of data collected from 270 employees in banking organizations shows that employees’ perceived satisfaction and perceived usefulness directly influence continuance intention to comply with IS security policies.