Information Security Policy Compliance: Usefulness and Ease of Use

Abstract

Various information security (IS) standards and frameworks have been proposed with the objective of safeguarding an organization’s information assets. The Information Security Policy (ISP) is one of the tools for managing the IS. ISP compliance continues to be a topic of interest in the IS area. This paper presents a quantitative, descriptive and cross-sectional research of the critical factors in ISP compliance. Data were collected from 103 security professionals. The relationships between the factors perceived ease of use (PEU), perceived usefulness (PU), security knowledge (SK) and security culture (SC) and ISP Compliance Intention (INT) were analysed. The results show that PU and PEU factors are strongly related to INT, while the SK and SC factors are significant related to INT.