Autonomous Motivation and Information Security Policy Compliance: Role of Job Satisfaction, Responsibility, and Deterrence

• Published in: Journal of organizational and end user computing Vol. 33; no. 6; pp. 1 - 17
• Main Authors: Hong, Yuxiang, Xu, Mengyi
• Format: Journal Article
• Language: English
• Published: Hershey IGI Global 01.11.2021
• Subjects: Accounting firms; Accounting services; Analysis; Beliefs, opinions and attitudes; Computer industry; Employee attitudes; Employees; Job satisfaction; Microcomputer industry; Motivation; Regression analysis; Security; Security management; Surveys; United States; United Kingdom
• ISSN: 1546-2234; 1546-5012
• DOI: 10.4018/JOEUC.20211101.oa9

Many existing studies focus on the effect of external influence mechanisms (e.g., deterrence) impacting information security policy compliance (ISPC). This study explores the formation of ISPC from an autonomous motivation perspective, based on social exchange theory and self-determination theory. Data were gathered by conducting a survey of 261 employees, with hierarchical regression analysis being used to test our hypotheses.The results indicated the following: First, job satisfaction and personal responsibility positively impact ISPC. Second, job satisfaction perceived by employees is positively linked to personal responsibility, where deterrence severity has a negative moderating effect on this relationship. Finally, personal responsibility mediates the relationship between job satisfaction and ISPC. This study suggests that organizational support should focus on promoting perceived self-determination of employees, and that deterrence should be maintained at a moderate level to adapt to the organization's security strategy and information security environment.