Abstract

An understanding of insider threats in information systems (IS) is important to help address one of the dangers lurking within organizations. This article provides a review of the literature on insider compliance (and failure of compliance) with information systems' policies in order to understand the status of IS research regarding negligent and malicious insiders. We begin by defining the terms, developing a new taxonomy of insiders, and then providing a comprehensive review of articles on IS policy compliance for the past 26 years. Grounding the analysis in the literature, we inductively identify four themes to foster Information Security policy compliance among employees. The themes are: 1) IS management philosophy, 2) procedural countermeasures, 3) technical countermeasures, and 4) environmental countermeasures. We propose that future research can draw upon these themes and use them as the building blocks of an indigenous IS security theory.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Effect of Fear on Behavioral Intention to Comply
Salman M. Faizi ... Shawon S. M. Rahman
-
Salman M. Faizi, et. al.Salman M. Faizi ... Shawon S. M. Rahman
15 May 2020
Six Design Theories for IS Security Policies and Guidelines
Mikko Siponen
Journal of the Association for Information Systems | VOL. 7
Mikko SiponenMikko Siponen
01 Jul 2006
About Our Authors
-
Information Systems Research | VOL. 23
--
01 Sep 2012
Exploring IS security themes: a literature analysis
Areej Alyami ... Carolanne Mahony
Journal of Decision Systems | VOL. 29
Areej Alyami, et. al.Areej Alyami ... Carolanne Mahony
18 Aug 2020
View more papers

More From: ACM SIGMIS Database: the DATABASE for Advances in Information Systems

Paper Title
Journal
Date
Author
Unintended Consequences of Technostress Mitigation: An Employee Perspective on the Effectiveness of Mitigation Measures
Lea Reis ... Tim Weitzel
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Lea Reis, et. al.Lea Reis ... Tim Weitzel
29 Apr 2024
Virtual Reality in Digital Education: An Affordance Network Perspective on Effective Use Behavior
Jennifer Fromm ... Stefan Stieglitz
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Jennifer Fromm, et. al.Jennifer Fromm ... Stefan Stieglitz
29 Apr 2024
The Limits of Empiricism: A Critique of Data-Driven Theory Development
Craig Van Slyke ... Arnold Kamis
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Craig Van Slyke, et. al.Craig Van Slyke ... Arnold Kamis
29 Apr 2024
IT Research in Marginalized Contexts: An Evolving Landscape
K.D Joshi ... Xuefei (Nancy) Deng
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
K.D Joshi, et. al.K.D Joshi ... Xuefei (Nancy) Deng
29 Apr 2024
View more papers