D3 Article in professional conference proceedings
Influence of Organizational Culture on Employees’ Compliance with Information Security Policy : Ethiopian and Finland Companies (2021)

Tadesse, K., Siponen, M. T., & Muluneh, T. (2021). Influence of Organizational Culture on Employees’ Compliance with Information Security Policy : Ethiopian and Finland Companies. In MWAIS 2021 Proceedings : The 16th Annual Conference of the Midwest Association for Information Systems. Midwest Association for Information Systems. https://aisel.aisnet.org/mwais2021/18/

JYU authors or editors

Publication details

All authors or editors: Tadesse, Kibrom; Siponen, Mikko T.; Muluneh, Tilahun

Parent publication: MWAIS 2021 Proceedings : The 16th Annual Conference of the Midwest Association for Information Systems

Place and date of conference: Virtual, 20.5.2021

Publication year: 2021

Publisher: Midwest Association for Information Systems

Publication country: United States

Publication language: English

Persistent website address: https://aisel.aisnet.org/mwais2021/18/

Publication open access: Not open

Publication channel open access:

Additional information: Hosted virtually by Bradley University.

Abstract

Employees' noncompliance with Information security policies (ISPs) has been a central concern and a problematic issue to organizations worldwide. Concerning this matter, researchers who have examined information security have identified that many organizations have focused on information security's technical aspects, including hardware and software measures. However, using only technical actions is insufficient; the nontechnical dimension, such as human/people, social and organizational aspects, should be included to ensure a secure information system environment. For instance, very little is known about how organizational culture affects the implementation of information security policy, which has not been rigorously examined. Thus, this study is conducted to assess the moderating effect of organizational culture on employees' intention to comply with ISP. A research model is built using computing value framework (CVF) organizational culture theory and rational choice theory constructs. We use the survey method to collect data from companies in Ethiopia and Finland.

Keywords: organisations (systems); data security; data protection; employees; compliance; organisational culture; data security policy; data systems; risks; risk management

Contributing organizations

Ministry reporting: Yes

Reporting Year: 2021