Abstract
Most theories of information security policy (ISP), except a few focused on the insider-centric view, are grounded in the control-centric perspective, and most ISP compliance models stem from Western countries. Regulatory focus theory (RFT) proposes two modes of motivational regulation, promotion and prevention focused that are supposed to motivate employee compliance in a trade-off. Culture is crucial to the study of ISP that puts control over human connections. Chinese guanxi, a specific dimension of Chinese culture, is better understood underlying the trust-distrust frame. To bridge the theoretical gap between the control-centric and the insider-centric perspectives, we develop an ISP behavioral model by taking an integrated approach from RFT and the trust-distrust frame. We employed scenario-based events about information security misconduct in the workplace to examine employees’ compliance intention and non-violation choice of ISP upon counterfactual thinking. Our empirical results improve the theoretical and practical implications of security practices.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
