Please use this identifier to cite or link to this item:
https://www.um.edu.mt/library/oar/handle/123456789/120786
Title: | Adapting information security policy messaging styles to the targeted audience |
Other Titles: | Digital transformation, strategic resilience, cyber security and risk management |
Authors: | Denis, Arnaud Volkova, Tatjana Grima, Simon Noja, Graţiela Georgiana Cristea, Mirela |
Keywords: | Computer security -- Law and legislation Information technology -- Research Information policy Information behavior Computer networks -- Security measures Cyberspace -- Security measures |
Issue Date: | 2023 |
Publisher: | Emerald Publishing Limited |
Citation: | Denis, A., Volkova, T., Grima, S., Noja, G. G., & Cristea, M. (2023). Adapting information security policy messaging styles to the targeted audience. In S. Grima, E. Thalassinos, M. Cristea, M. Kadłubek, D. Maditinos & L. Peiseniece (Eds.), Digital transformation, strategic resilience, cyber security and risk management (pp. 115-131). United Kingdom: Emerald Publishing Limited |
Abstract: | Current research aims to investigate whether it would be possible to identify all information security policy (ISP) writing styles and how these would influence ISP compliance. Almost all businesses use ISPs to establish boundaries and require secure behaviour from their employees. Unfortunately, professional surveys and academic research demonstrate a high level of non-compliance with the ISP. While the justification for the employee’s behaviour has been discussed, very few research papers have investigated whether the ISP writing style impacted the intent to comply with ISP. The research methodology incorporates content analysis and a quantitative descriptive review of published papers on ISP and non-IS policy compliance. The theoretical research allowed the identification of five major ISP writing styles: belonging, deterrence, goal, motivation, and specialist, as well as writing style influencers such as timeliness and readability. To achieve a higher level of compliance with the ISP, it was suggested that the writing styles of belonging, goal, and motivation be used primarily. Deterrence is generally discouraged. The study enabled us to determine when ISP writing styles were mentioned and the type of influence on the intent to comply with ISP. It also allowed for comparison and possible differences in ISPs versus standard workplace policies. There are proposals on which writing styles to put forward, along with recommendations on creating an ISP. |
URI: | https://www.um.edu.mt/library/oar/handle/123456789/120786 |
Appears in Collections: | Scholarly Works - FacEMAIns |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Adapting_Information_Security_Policy_Messaging_Styles_to_the_Targeted_Audience_2023.pdf Restricted Access | 1.17 MB | Adobe PDF | View/Open Request a copy |
Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.