0000000000591026
AUTHOR
Gregory D. Moody
Toward a Unified Model of Information Security Policy Compliance
Information systems security (ISS) behavioral research has produced different models to explain security policy compliance. This paper (1) reviews 11 theories that have served the majority of previous information security behavior models, (2) empirically compares these theories (Study 1), (3) proposes a unified model, called the unified model of information security policy compliance (UMISPC), which integrates elements across these extant theories, and (4) empirically tests the UMISPC in a new study (Study 2), which provided preliminary empirical support for the model. The 11 theories reviewed are (1) the theory of reasoned action, (2) neutralization techniques, (3) the health belief model,…
Using the theory of interpersonal behavior to explain non-work-related personal use of the Internet at work
Non-work-related personal use of the Internet within organizations has received increased attention from scholars. We increase previous understanding of this phenomenon by proposing a novel model based on the theory of interpersonal behavior (TIB). The TIB includes previous researched constructs (i.e., attitudes, social influence, and intentions) as well as emotional factors, habits, and different sources of social influence. Our results (N=238) suggest that the model well predicts the use of the Internet at work for non-work purposes. Our results shed new light on the influence of habit, affect, role, and self-concept in the use of the Internet.