Nicklas Holmberg
Head of the Department of Informatics
Toward a unified model of information security policy compliance : A conceptual replication study
Author
Summary, in English
Moody et al. (2018) presented a unified model of information security policy compliance (UMISPC) to explain information systems security (ISS) behaviors. The model was empirically tested against 3 main types of security-related behavior: USB practices, not locking computers appropriately, and password issues. In this study, we present a conceptual replication of Moody et al. (2018) in order to provide stronger empirical support. To this end, our study has empirically examined UMISPC through three types of ISS behaviors within a work environment in the European Union (EU), where General Data Protection Regulation (GDPR) is in force. The replication of the empirical study with the three scenarios is original. While the replication in general highlights the strength of UMISPC, the results also indicate some differences from the original study and show that there is still room for improving some of its theoretical concepts.
Department/s
- Department of Informatics
Publishing year
2021
Language
English
Pages
1-15
Publication/Series
AIS Transactions on Replication Research
Volume
7
Issue
2
Links
Document type
Journal article
Publisher
AIS
Topic
- Information Systems, Social aspects
Keywords
- Information Security Policy, Conceptual Replication, UMISPC, Compliance
Status
Published
ISBN/ISSN/Other
- ISSN: 2473-3458