Applying Information-Motivation-Behavioral Skills Model to Improve Information Security Policy Compliance among Employees
| dc.contributor.author | Välimäki, Tommi | |
| dc.contributor.department | fi=Tulevaisuuden teknologioiden laitos|en=Department of Future Technologies| | |
| dc.contributor.faculty | fi=Luonnontieteiden ja tekniikan tiedekunta|en=Faculty of Science and Engineering| | |
| dc.contributor.studysubject | fi=Tietotekniikka|en=Information and Communication Technology| | |
| dc.date.accessioned | 2019-06-24T21:00:34Z | |
| dc.date.available | 2019-06-24T21:00:34Z | |
| dc.date.issued | 2019-06-07 | |
| dc.description.abstract | Information security policy (ISP) compliance of employees is a big concern for companies because the employees themselves present a major IS threat. Companies mitigate this concern by improving the ISP compliant behavior of their employees. However, to effectively improve the ISP compliant behavior of employees, understanding of how the ISP compliance behavior of employees can be improved is needed. The main purpose of this thesis is to investigate how the ISP compliance behavior of employees can be improved. In this regard, the Information-Motivation-Behavioral Skills (IMB) Model has been used as the theoretical model, which has never been used in this context before. According to the IMB Model, behavior (ISP Compliance) is affected by behavioral skills (self-efficacy) of the employees, which in turn, is affected by the information (ISP awareness), and motivation (attitude towards ISP and social norms). Additionally, the thesis’s goals were to identify which IMB constructs predict ISP compliant behavior of employees and if there are differences to the ISP compliance levels between companies’ departments. Data was collected from 137 employees of two Finnish companies working in the building materials manufacturing business, using an online survey in Finnish language. The research model was tested using structural equation modeling in SmartPLS 3.0 environment. The results confirmed the IMB model is appropriate to explain and predict ISP compliant behavior of employees. The findings indicate that employees’ attitude and self-efficacy towards ISP compliance are the strongest predictors of ISP compliant behavior and that ISP compliance awareness is a vital contributor to employees’ self-efficacy towards ISP compliance. Thus, companies can improve ISP compliance by boasting employees’ confidence towards ISP compliance and taking measures to change employees’ attitude towards ISP compliance, and indirectly by increasing the ISP compliance awareness level of the employees. | |
| dc.format.extent | 89 | |
| dc.identifier.olddbid | 164871 | |
| dc.identifier.oldhandle | 10024/148030 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/20620 | |
| dc.identifier.urn | URN:NBN:fi-fe2019062421746 | |
| dc.language.iso | eng | |
| dc.rights | fi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.| | |
| dc.rights.accessrights | suljettu | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/148030 | |
| dc.subject | Information security, Information Security Policy, Information-Motivation-Behavioral Skills (IMB) Model, SEM, SmartPLS | |
| dc.title | Applying Information-Motivation-Behavioral Skills Model to Improve Information Security Policy Compliance among Employees | |
| dc.type.ontasot | fi=Diplomityö|en=Master's thesis| |
Tiedostot
1 - 1 / 1