• Corpus ID: 14125700

Reigning in the Remote Employee: Applying Social Learning Theory to Explain Information Security Policy Compliance Attitudes

  title={Reigning in the Remote Employee: Applying Social Learning Theory to Explain Information Security Policy Compliance Attitudes},
  author={Allen C. Johnston and Barbara Wech and Eric Jack and Michael Shank and Elizabeth Beavers},
In an era of heightened sensitivity to issues of privacy or information security, concerns over policy compliance by all employees is of great importance. Many organizations are increasing the resources devoted to compliance training and efforts to inform employees of proper compliance behavior. Compliance by remote employees, however, is especially challenging as they are often not privy to the same resources provided of their in-house counterparts. Through a survey of over 500 remote and in… 

Figures and Tables from this paper

A Meta-Analysis of Studies on Protection Motivation Theory and Information Security Behaviour

A meta-analysis of the protection motivation theory PMT is presented to assess how its efficacy is influenced by the information security behavior it is applied to.

Seeing the Forest and the Trees: A Meta-Analysis of the Antecedents to Information Security Policy Compliance

A meta-analysis of the relevant literature classified 401 independent variables into 17 distinct categories and analyzed each category’s relationship with security policy compliance, including an analysis for possible domain-specific moderators.

The Theory of Planned Behavior and Information Security Policy Compliance

A meta-analysis of published tests on information security behavior and a review of the literature in related fields are used to identify variables that have the potential to improve the theory’s predictions, and the results suggest that the variables anticipated regret and habit improve the predictions.

Information security awareness and behavior: a theory-based literature review

Purpose – This paper aims to provide an overview of theories used in the field of employees’ information systems (IS) security behavior over the past decade. Research gaps and implications for future

Enterprise Information Security Awareness and Behavior as an Element of Security Culture During Remote Work

In this chapter, a literature review will be conducted for information security awareness and information security familiarity concepts and analysis of the context of these concepts is the aim of this chapter.

Reliable Behavioural Factors in the Information Security Context

The results indicate that 11 out of the 14 factors from well established behavioural theories can be associated with reliable effects in the information security context and are of interest to information security professionals.

Factors that Affect the Success of Security Education, Training, and Awareness Programs: A Literature Review

Factors that affect the success of security education, training, and awareness (SETA) programs are identified and organized in a conceptual classification that can help one to design and develop SETA programs and to establish suitable conditions for integrating them into organizations.

Which are the Most Effective Measures for Improving Employees' Security Compliance?

The results provide managers with a quantitative assessment of these 15 security measures and show and explain which type of information security agent is most effective.

Measuring employees' compliance - the importance of value pluralism

This paper aims to investigate two different types of compliance measures: the first measure is a value-monistic compliance measure, whereas the second is avalue-pluralistic measure, whose purpose is to establish a baseline for this type of compliance measure.

A Meta-Analysis of Studies on Protection Motivation Theory and Information Security Behavior

The behavior of individuals is imperative to the information security of organizations and individuals. This paper presents a meta-analysis of the protection motivation theory’s (PMT) ability to



A Self-Efficacy Theory Explanation for the Management of Remote Workers in Virtual Organizations

Strong relationships were observed between employees' remote work self-efficacy judgments and several antecedents, including remote work experience and training, best practices modeling by management, computer anxiety, and IT capabilities.

User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach

An extended deterrence theory model is presented that combines work from criminology, social psychology, and information systems and suggests that user awareness of security countermeasures directly influences the perceived certainty and severity of organizational sanctions associated with IS misuse, which leads to reduced IS misuse intention.

Situational Support, Privacy Regulation, and Stress

There is substantial evidence that people have difficulty asking someone to leave in order to obtain solitude. This study evaluated the hypotheses that (a) people regulate privacy to the extent that

Diffusing the Internet in the Arab world: the role of social norms and technological culturation

Examination of culture-specific inducements and impediments to using the Internet in the Arab world identifies how culture can both inhibit and encourage technological innovation and how Arab cultures can move their economies more quickly into the digital age.


CIVIL rights legislation, the attendant actions of compliance agencies, and a few landmark court cases have provided the impetus for the extension of the application of content validity from academic

Self‐monitoring and turnover: The impact of personality on intent to leave

Employee turnover is a topic of considerable interest within most organizations. Despite years of research, the antecedents of turnover remain elusive. Traditionally, studies have focused on job

The effects of attitude, subjective norm and self-efficacy on intention to benchmark: A comparison between managers with experience and no experience in benchmarking.

Competitive benchmarking is a management technique used to compare company performance. The practices and processes of one's own organization are compared with the best performance of other

Validation in Information Systems Research: A State-of-the-Art Assessment

If and how the field has advanced in instrument validation is determined, and approaches are suggested for reinvigorating the quest for validation in IS research via content/construct validity, reliability, and manipulation validity.