Antecedents of employee participation in internal control design and intent to comply with information system security policies

by Martinez, Andrew M., Ph.D., CAPELLA UNIVERSITY, 2015, 164 pages; 3728641


Many organizations recognize that information security compliance is important, and ensuring compliance to the internal control is essential for firm performance and reduction in audit fees, or decrease the probability of a security breach. This research explores the possibility of including the user stakeholder of information security policy or their representatives in the design of security controls as a possibility of reducing the risk associated with non-compliance to internal controls. User participation was evaluated against the breadth at which security concepts were discussed, the diversity in which members were included in the design of security policy, and the reporting of security issues by non-IT personnel. The User participation construct was evaluated against the Theory of Planned Behavior, measuring participant’s attitude toward compliance, subjective norms surrounding compliance, perceived behavioral control and the intent to comply with information security policy. The use of PLS-SEM regression statistical analysis suggests that User Participation has small to medium effect on the individual’s intent to comply with information system security policies. Specifically, all paths were significant with the exception of attitude towards compliance and perceptions of subjective norms towards compliance intentions. The proposed theoretical model accounted for 47% of the variance in the dependent variable, intent.

AdviserJohn Grillo
Source TypeDissertation
SubjectsManagement; Information technology; Organizational behavior
Publication Number3728641

About ProQuest Dissertations & Theses
With nearly 4 million records, the ProQuest Dissertations & Theses (PQDT) Global database is the most comprehensive collection of dissertations and theses in the world. It is the database of record for graduate research.

PQDT Global combines content from a range of the world's premier universities - from the Ivy League to the Russell Group. Of the nearly 4 million graduate works included in the database, ProQuest offers more than 2.5 million in full text formats. Of those, over 1.7 million are available in PDF format. More than 90,000 dissertations and theses are added to the database each year.

If you have questions, please feel free to visit the ProQuest Web site - - or contact ProQuest Support.