{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T16:58:37Z","timestamp":1742921917539,"version":"3.40.3"},"publisher-location":"Cham","reference-count":91,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031840777"},{"type":"electronic","value":"9783031840784"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-84078-4_25","type":"book-chapter","created":{"date-parts":[[2025,3,12]],"date-time":"2025-03-12T19:06:34Z","timestamp":1741806394000},"page":"365-377","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["End-User Compliance with Information Security Policy Framework for Government Departments in South Africa"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-3399-1166","authenticated-orcid":false,"given":"Sakhile Charity Dories","family":"Lekhuleni","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9777-8721","authenticated-orcid":false,"given":"Ad\u00e9le","family":"Da Veiga","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,3,13]]},"reference":[{"key":"25_CR1","doi-asserted-by":"publisher","unstructured":"Mandal, D.: Towards an ontology for enterprise level information security policy analysis, pp. 492\u2013499 (2021). https:\/\/doi.org\/10.5220\/0010248004920499","DOI":"10.5220\/0010248004920499"},{"key":"25_CR2","doi-asserted-by":"publisher","unstructured":"Wu, R., Ahn, G.-J., Hu, H.: Towards HIPAA-compliant healthcare systems. In: Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium - IHI 2012, p. 593 (2012). https:\/\/doi.org\/10.1145\/2110363.2110429","DOI":"10.1145\/2110363.2110429"},{"key":"25_CR3","doi-asserted-by":"publisher","unstructured":"Alzahrani, L.: Factors impacting users\u2019 compliance with information security policies: an empirical study. Int. J. Adv. Comput. Sci. Appl. 12, 437\u2013447 (2021). https:\/\/doi.org\/10.14569\/IJACSA.2021.0121049","DOI":"10.14569\/IJACSA.2021.0121049"},{"key":"25_CR4","doi-asserted-by":"crossref","unstructured":"Beautement, A., Sasse, M.A., Wonham, M.: The compliance budget: managing security behaviour in organisations, p. 134 (2008)","DOI":"10.1145\/1595676.1595684"},{"key":"25_CR5","doi-asserted-by":"crossref","unstructured":"Ali, R.F., Dominic, P.D.D., Emad, S., Ali, A., Rehman, M.: Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance (2021)","DOI":"10.3390\/app11083383"},{"key":"25_CR6","unstructured":"Alotaibi, M., Furnell, S., Clarke, N.: Information security policies: a review of challenges and influencing factors (2014)"},{"key":"25_CR7","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2020.102152","volume":"54","author":"C Liu","year":"2020","unstructured":"Liu, C., Wang, N., Liang, H.: Motivating information security policy compliance: the critical role of supervisor-subordinate Guanxi and organizational commitment. Int. J. Inf. Manag. 54, 102152 (2020). https:\/\/doi.org\/10.1016\/j.ijinfomgt.2020.102152","journal-title":"Int. J. Inf. Manag."},{"key":"25_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2015.10.006","volume":"56","author":"N Sohrabi Safa","year":"2016","unstructured":"Sohrabi Safa, N., Von Solms, R., Furnell, S.: Information security policy compliance model in organizations. Comput. Secur. 56, 1\u201313 (2016). https:\/\/doi.org\/10.1016\/j.cose.2015.10.006","journal-title":"Comput. Secur."},{"key":"25_CR9","doi-asserted-by":"publisher","unstructured":"Aurigemma, S., Panko, R.: A composite framework for behavioral compliance with information security policies. In: Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 3248\u20133257 (2012). https:\/\/doi.org\/10.1109\/HICSS.2012.49","DOI":"10.1109\/HICSS.2012.49"},{"key":"25_CR10","unstructured":"Mani, D., Mubarak, S., Heravi, A., Choo, K.-K.R.: Employees\u2019 intended information security behaviour in real estate organisations: a protection motivation perspective. In: 2015 Americas Conference on Information Systems, AMCIS 2015, pp. 1\u201311 (2015)"},{"key":"25_CR11","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1145\/2738210.2738216","volume":"45","author":"I Kirlappos","year":"2015","unstructured":"Kirlappos, I., Parkin, S., Sasse, M.A.: \u201cShadow security\u201d as a tool for the learning organization. ACM SIGCAS Comput. Soc. 45, 29\u201337 (2015). https:\/\/doi.org\/10.1145\/2738210.2738216","journal-title":"ACM SIGCAS Comput. Soc."},{"key":"25_CR12","doi-asserted-by":"publisher","unstructured":"Tsohou, A., Karyda, M., Kokolakis, S.: Analyzing the role of cognitive and cultural biases in the internalization of information security policies: recommendations for information security awareness programs. Comput. Secur. 52, 1\u201324 (2015). https:\/\/doi.org\/10.1016\/j.cose.2015.04.006","DOI":"10.1016\/j.cose.2015.04.006"},{"key":"25_CR13","unstructured":"Ponemon Institute: 2022 Cost of Insider Threats Report Global Report (2022)"},{"key":"25_CR14","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1145\/1666420.1666453","volume":"53","author":"SD Cannoy","year":"2010","unstructured":"Cannoy, S.D., Salam, A.F.: A framework for health care information assurance policy and compliance. Commun. ACM 53, 126 (2010). https:\/\/doi.org\/10.1145\/1666420.1666453","journal-title":"Commun. ACM"},{"key":"25_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.im.2019.02.006","volume":"56","author":"JD Arcy","year":"2019","unstructured":"Arcy, J.D., Teh, P.: Predicting employee information security policy compliance on a daily basis: the interplay of security-related stress, emotions, and neutralization. Inf. Manag. 56, 103151 (2019). https:\/\/doi.org\/10.1016\/j.im.2019.02.006","journal-title":"Inf. Manag."},{"key":"25_CR16","doi-asserted-by":"publisher","unstructured":"Bulgurcu, B., Cavusoglu, H., Benbasat, I.: Effects of individual and organization based beliefs and the moderating role of work experience on insiders\u2019 good security behaviors. In: Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, CSE 2009, vol. 3, pp. 476\u2013481 (2009). https:\/\/doi.org\/10.1109\/CSE.2009.484","DOI":"10.1109\/CSE.2009.484"},{"key":"25_CR17","doi-asserted-by":"publisher","unstructured":"Beris, O., Beautement, A., Sasse, M.A.: Employee rule breakers, excuse makers and security champions: mapping the risk perceptions and emotions that drive security behaviors. In: Proceedings of the 2015 New Security Paradigms Workshop, pp. 73\u201384 (2015). https:\/\/doi.org\/10.1145\/2841113.2841119","DOI":"10.1145\/2841113.2841119"},{"key":"25_CR18","doi-asserted-by":"crossref","unstructured":"Ng, B.Y., Kankanhalli, A., (Calvin) Xu, Y.: Studying users\u2019 computer security behavior: a health belief perspective. Decis. Support Syst. 46, 815\u2013825 (2009)","DOI":"10.1016\/j.dss.2008.11.010"},{"key":"25_CR19","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1016\/j.dss.2016.09.009","volume":"92","author":"A Yazdanmehr","year":"2016","unstructured":"Yazdanmehr, A., Wang, J.: Employees\u2019 information security policy compliance: a norm activation perspective. Decis. Support. Syst. 92, 36\u201346 (2016). https:\/\/doi.org\/10.1016\/j.dss.2016.09.009","journal-title":"Decis. Support. Syst."},{"key":"25_CR20","doi-asserted-by":"publisher","unstructured":"Topa, I., Karyda, M.: Identifying factors that influence employees\u2019 security behavior for enhancing ISP compliance. In: Fischer-H\u00fcbner, S., Lambrinoudakis, C., L\u00f3pez, J. (eds.) TrustBus 2015. LNCS, vol. 9264, pp. 169\u2013179. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22906-5_13","DOI":"10.1007\/978-3-319-22906-5_13"},{"key":"25_CR21","unstructured":"Shih, S.P., Liou, J.Y.: Investigate the effects of information security climate and psychological ownership on information security policy compliance. In: Proceedings of the Pacific Asia Conference on Information Systems, PACIS 2015 (2015)"},{"key":"25_CR22","unstructured":"Caryn, D.: Cyberattacks\u202f: South Africa, you\u2019ve been hacked (2021). https:\/\/www.dailymaverick.co.za\/article\/2021-11-06-cyberattacks-south-africa-youve-been-hacked"},{"key":"25_CR23","unstructured":"Toyana, M.: Cyber bandits target South Africa: Department of Justic... (2021). https:\/\/www.dailymaverick.co.za\/article\/2021-09-09-cyber-bandits-target-south-africa-department-of-justice-space-agency-hit-by-ransomware-attacks\/"},{"key":"25_CR24","doi-asserted-by":"publisher","unstructured":"Balozian, P., Leidner, D.: Review of IS security policy compliance. ACM SIGMIS Database DATABASE Adv. Inf. Syst. 48, 11\u201343 (2017). https:\/\/doi.org\/10.1145\/3130515.3130518","DOI":"10.1145\/3130515.3130518"},{"key":"25_CR25","unstructured":"Corpuz, M.S.: The enterprise information security policy as a strategic business policy within the corporate strategic plan. In: Proceedings of the 15th Multi-Conference on Systemics, Cybernetics and Informatics, WMSCI 2011: Volume III, Orlando, FL, USA, pp. 275-279. International Institute of Informatics and Systemics (IIIS) (2011)"},{"key":"25_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101594","volume":"87","author":"S Hina","year":"2019","unstructured":"Hina, S., Durai, D., Panneer, D., Benjamin, P.: Institutional governance and protection motivation: theoretical insights into shaping employees \u2019 security compliance behavior in higher education institutions in the developing world. Comput. Secur. 87, 101594 (2019). https:\/\/doi.org\/10.1016\/j.cose.2019.101594","journal-title":"Comput. Secur."},{"key":"25_CR27","doi-asserted-by":"crossref","unstructured":"Bulgurcu, B., Cavusoglu, H., Benbasat, I.: Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Quart. 34, 523\u2013548 (2010)","DOI":"10.2307\/25750690"},{"key":"25_CR28","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2023.114086","volume":"177","author":"A Yazdanmehr","year":"2024","unstructured":"Yazdanmehr, A., Jawad, M., Benbunan-Fich, R., Wang, J.: The role of ethical climates in employee information security policy violations. Decis. Support. Syst. 177, 114086 (2024). https:\/\/doi.org\/10.1016\/j.dss.2023.114086","journal-title":"Decis. Support. Syst."},{"key":"25_CR29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103253","volume":"130","author":"R Jiang","year":"2023","unstructured":"Jiang, R., Zhang, J.: The impact of work pressure and work completion justification on intentional nonmalicious information security policy violation intention. Comput. Secur. 130, 103253 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103253","journal-title":"Comput. Secur."},{"key":"25_CR30","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1111\/isj.12043","volume":"25","author":"PB Lowry","year":"2015","unstructured":"Lowry, P.B., Moody, G.D.: Proposing the control-reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policies. Inf. Syst. J. 25, 433\u2013463 (2015). https:\/\/doi.org\/10.1111\/isj.12043","journal-title":"Inf. Syst. J."},{"key":"25_CR31","unstructured":"Mahmoud, A.Y.: Information security policies and their relationship with the effectiveness of the management information systems of major Palestinian universities in the Gaza Strip. Int.  J.  Inf.  Sci. Manag. (IJISM) 15, 1\u201326 (2017)"},{"key":"25_CR32","unstructured":"Da Veiga, A.: The influence of information security policies on information security culture: illustrated through a case study, pp. 22\u201333 (2015)"},{"key":"25_CR33","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1016\/j.jebo.2023.05.033","volume":"212","author":"YJ Li","year":"2023","unstructured":"Li, Y.J., Hoffman, E.: Designing an incentive mechanism for information security policy compliance: an experiment. J. Econ. Behav. Organ. 212, 138\u2013159 (2023). https:\/\/doi.org\/10.1016\/j.jebo.2023.05.033","journal-title":"J. Econ. Behav. Organ."},{"key":"25_CR34","doi-asserted-by":"publisher","unstructured":"Parsons, K., Mccormac, A., Butavicius, M., Ferguson, L.: Human factors and information security: individual, culture and security environment. Command Control Commun. Intell. Div. 45 (2010). https:\/\/doi.org\/10.14722\/ndss.2014.23268","DOI":"10.14722\/ndss.2014.23268"},{"key":"25_CR35","doi-asserted-by":"publisher","first-page":"296","DOI":"10.1016\/j.im.2011.07.002","volume":"48","author":"J Son","year":"2011","unstructured":"Son, J.: Information & management out of fear or desire? Toward a better understanding of employees\u2019 motivation to follow IS security policies. Inf. Manag. 48, 296\u2013302 (2011). https:\/\/doi.org\/10.1016\/j.im.2011.07.002","journal-title":"Inf. Manag."},{"key":"25_CR36","doi-asserted-by":"publisher","unstructured":"Julisch, K.: Security compliance, p. 71 (2009). https:\/\/doi.org\/10.1145\/1595676.1595687","DOI":"10.1145\/1595676.1595687"},{"key":"25_CR37","doi-asserted-by":"publisher","unstructured":"Bauer, S., Bernroider, E.W.N.: From information security awareness to reasoned compliant action. ACM SIGMIS Database DATABASE Adv. Inf. Syst. 48, 44\u201368 (2017). https:\/\/doi.org\/10.1145\/3130515.3130519","DOI":"10.1145\/3130515.3130519"},{"key":"25_CR38","doi-asserted-by":"publisher","first-page":"254","DOI":"10.1177\/01655515221087680","volume":"50","author":"RF Ali","year":"2024","unstructured":"Ali, R.F., Dominic, P.D.D.: Investigation of information security policy violations among oil and gas employees: a security-related stress and avoidance coping perspective. J. Inf. Sci. 50, 254\u2013272 (2024). https:\/\/doi.org\/10.1177\/01655515221087680","journal-title":"J. Inf. Sci."},{"key":"25_CR39","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103208","volume":"129","author":"MN Alraja","year":"2023","unstructured":"Alraja, M.N., Butt, U.J., Abbod, M.: Information security policies compliance in a global setting: an employee\u2019s perspective. Comput. Secur. 129, 103208 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103208","journal-title":"Comput. Secur."},{"key":"25_CR40","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1016\/j.cose.2011.10.007","volume":"31","author":"P Ifinedo","year":"2012","unstructured":"Ifinedo, P.: Understanding information systems security policy compliance: an integration of the theory of planned behavior and the protection motivation theory. Comput. Secur. 31, 83\u201395 (2012). https:\/\/doi.org\/10.1016\/j.cose.2011.10.007","journal-title":"Comput. Secur."},{"key":"25_CR41","doi-asserted-by":"publisher","first-page":"447","DOI":"10.1016\/j.cose.2013.09.009","volume":"39","author":"L Cheng","year":"2013","unstructured":"Cheng, L., Li, Y., Li, W., Holm, E., Zhai, Q.: Understanding the violation of IS security policy in organizations: an integrated model based on social control and deterrence theory. Comput. Secur. 39, 447\u2013459 (2013). https:\/\/doi.org\/10.1016\/j.cose.2013.09.009","journal-title":"Comput. Secur."},{"key":"25_CR42","doi-asserted-by":"publisher","first-page":"573","DOI":"10.1016\/j.joes.2022.05.023","volume":"8","author":"X Wang","year":"2023","unstructured":"Wang, X., Wang, C., Sun, Z., Wang, C.: An optimal coupling incentive mechanism concerning insider\u2019s compliance behavior towards marine information security policy. J. Ocean Eng. Sci. 8, 573\u2013575 (2023). https:\/\/doi.org\/10.1016\/j.joes.2022.05.023","journal-title":"J. Ocean Eng. Sci."},{"key":"25_CR43","doi-asserted-by":"publisher","unstructured":"Al-Omari, A., Deokar, A., El-Gayar, O., Walters, J., Aleassa, H.: Information security policy compliance: an empirical study of ethical ideology. In: Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 3018\u20133027 (2013). https:\/\/doi.org\/10.1109\/HICSS.2013.272","DOI":"10.1109\/HICSS.2013.272"},{"key":"25_CR44","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102267","volume":"106","author":"K Khando","year":"2021","unstructured":"Khando, K., Gao, S., Islam, S.M., Salman, A.: Enhancing employees information security awareness in private and public organisations: a systematic literature review. Comput. Secur. 106, 102267 (2021). https:\/\/doi.org\/10.1016\/j.cose.2021.102267","journal-title":"Comput. Secur."},{"key":"25_CR45","doi-asserted-by":"publisher","unstructured":"Faizi, S.M., Rahman, S.S.M.: Effect of fear on behavioral intention to comply. In: ACM International Conference Proceeding Series, pp. 65\u201370 (2020). https:\/\/doi.org\/10.1145\/3404663.3404685","DOI":"10.1145\/3404663.3404685"},{"key":"25_CR46","unstructured":"PwC: The Global State of Survey 2018 Singapore highlights (2018)"},{"key":"25_CR47","unstructured":"PWC: The Global State of Survey 2020 (2020)"},{"key":"25_CR48","unstructured":"CISCO: Security Outcomes Report. 3 (2022)"},{"key":"25_CR49","doi-asserted-by":"publisher","first-page":"162687","DOI":"10.1109\/ACCESS.2021.3132574","volume":"9","author":"M Alassaf","year":"2021","unstructured":"Alassaf, M., Alkhalifah, A.: Exploring the influence of direct and indirect factors on information security policy compliance: a systematic literature review. IEEE Access 9, 162687\u2013162705 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3132574","journal-title":"IEEE Access"},{"key":"25_CR50","doi-asserted-by":"publisher","unstructured":"Niekerk, J.F.V., Solms, R.V.: Information security culture: a management perspective. Comput. Secur. 29, 476\u2013486 (2010). https:\/\/doi.org\/10.1016\/j.cose.2009.10.005","DOI":"10.1016\/j.cose.2009.10.005"},{"key":"25_CR51","doi-asserted-by":"publisher","unstructured":"Stewart, H., J\u00fcrjens, J.: Information security management and the human aspect in organizations. Inf. Comput. Secur. 25, 494\u2013534 (2017). https:\/\/doi.org\/10.1108\/ICS-07-2016-0054","DOI":"10.1108\/ICS-07-2016-0054"},{"key":"25_CR52","doi-asserted-by":"publisher","unstructured":"Al-Omari, A., El-Gayar, O., Deokar, A.: Security policy compliance: user acceptance perspective. In: Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 3317\u20133326 (2012). https:\/\/doi.org\/10.1109\/HICSS.2012.516","DOI":"10.1109\/HICSS.2012.516"},{"key":"25_CR53","unstructured":"Kitchenham, B.: Procedures for performing systematic reviews. UK Keele Univ. 33, 28 (2004). https:\/\/doi.org\/10.1.1.122.3308"},{"key":"25_CR54","doi-asserted-by":"publisher","first-page":"1291","DOI":"10.1016\/j.jclinepi.2014.03.013","volume":"67","author":"HL Colquhoun","year":"2014","unstructured":"Colquhoun, H.L., et al.: Scoping reviews: time for clarity in definition, methods, and reporting. J. Clin. Epidemiol. 67, 1291\u20131294 (2014). https:\/\/doi.org\/10.1016\/j.jclinepi.2014.03.013","journal-title":"J. Clin. Epidemiol."},{"key":"25_CR55","doi-asserted-by":"publisher","unstructured":"Page, M.J., et al.: The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. BMJ, 372 (2021). https:\/\/doi.org\/10.1136\/bmj.n71","DOI":"10.1136\/bmj.n71"},{"key":"25_CR56","doi-asserted-by":"publisher","unstructured":"Furlan, A.D., Pennick, V., Bombardier, C., Van Tulder, M.: 2009 Updated method guidelines for systematic reviews in the cochrane back review group. Spine (Phila. Pa 1976) 34, 1929\u20131941 (2009). https:\/\/doi.org\/10.1097\/BRS.0b013e3181b1c99f","DOI":"10.1097\/BRS.0b013e3181b1c99f"},{"key":"25_CR57","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1016\/j.cose.2017.04.009","volume":"68","author":"S Bauer","year":"2017","unstructured":"Bauer, S., Bernroider, E.W.N., Chudzikowski, K.: Prevention is better than cure! Designing information security awareness programs to overcome users\u2019 non-compliance with information security policies in banks. Comput. Secur. 68, 145\u2013159 (2017). https:\/\/doi.org\/10.1016\/j.cose.2017.04.009","journal-title":"Comput. Secur."},{"key":"25_CR58","doi-asserted-by":"publisher","first-page":"1375","DOI":"10.22495\/cocv13i1c11p9","volume":"13","author":"N Mavetera","year":"2015","unstructured":"Mavetera, N., Moroke, N.D., Sebetlele, A.: An empirical study of staff compliance to information security policy in a South African municipality. Corp. Ownersh. Control 13, 1375\u20131384 (2015)","journal-title":"Corp. Ownersh. Control"},{"key":"25_CR59","doi-asserted-by":"publisher","unstructured":"Johnston, A.C., Warkentin, M., Siponen, M.: An enhanced fear appeal rhetorical framework: leveraging threats to the human asset through sanctioning rhetoric. MIS Q. 39, 113\u2013134 (2017). https:\/\/doi.org\/10.25300\/misq\/2015\/39.1.06","DOI":"10.25300\/misq\/2015\/39.1.06"},{"key":"25_CR60","doi-asserted-by":"publisher","unstructured":"Karim, N.A., Kaur, J., Khalib, M.N.: Benefit vs cost: examining factors of intention to comply information security policy. In: 2021 IEEE International Conference on Computing, ICOCO 2021, pp. 291\u2013296 (2021). https:\/\/doi.org\/10.1109\/ICOCO53166.2021.9673542","DOI":"10.1109\/ICOCO53166.2021.9673542"},{"key":"25_CR61","doi-asserted-by":"publisher","unstructured":"Milicevic, D., Goeken, M.: Social factors in policy compliance - evidence found in literature to assist the development of policies in information security management. In: Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 4476\u20134484 (2013). https:\/\/doi.org\/10.1109\/HICSS.2013.488","DOI":"10.1109\/HICSS.2013.488"},{"key":"25_CR62","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1057\/ejis.2009.6","volume":"18","author":"T Herath","year":"2009","unstructured":"Herath, T., Rao, H.R.: Protection motivation and deterrence: a framework for security policy compliance in organisations. Eur. J. Inf. Syst. 18, 106\u2013125 (2009). https:\/\/doi.org\/10.1057\/ejis.2009.6","journal-title":"Eur. J. Inf. Syst."},{"key":"25_CR63","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1016\/j.future.2019.03.024","volume":"97","author":"N Sohrabi","year":"2019","unstructured":"Sohrabi, N., Maple, C., Furnell, S., Ajmal, M.: Deterrence and prevention-based model to mitigate information security insider threats in organisations. Future Gener. Comput. Syst. 97, 587\u2013597 (2019). https:\/\/doi.org\/10.1016\/j.future.2019.03.024","journal-title":"Future Gener. Comput. Syst."},{"key":"25_CR64","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1108\/ICS-04-2014-0025","volume":"23","author":"T Sommestad","year":"2015","unstructured":"Sommestad, T., Karlz\u00e9n, H., Hallberg, J.: The sufficiency of the theory of planned behavior for explaining information security policy compliance. Inf. Comput. Secur. 23, 200\u2013217 (2015). https:\/\/doi.org\/10.1108\/ICS-04-2014-0025","journal-title":"Inf. Comput. Secur."},{"key":"25_CR65","doi-asserted-by":"publisher","unstructured":"Foth, M.: Factors influencing the intention to comply with data protection regulations in hospitals: based on gender differences in behaviour and deterrence, p. 9344 (2017). https:\/\/doi.org\/10.1057\/ejis.2015.9","DOI":"10.1057\/ejis.2015.9"},{"key":"25_CR66","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1038\/174197b0","volume":"34","author":"M Siponen","year":"2010","unstructured":"Siponen, M., Vance, A.: Neutralization: new insights into the problem of employee information systems security policy violations. Nature 34, 487\u2013502 (2010). https:\/\/doi.org\/10.1038\/174197b0","journal-title":"Nature"},{"key":"25_CR67","doi-asserted-by":"publisher","unstructured":"Nasir, A., Arshah, R.A., Ab Hamid, M.R.: Information security policy compliance behavior based on comprehensive dimensions of information security culture: a conceptual framework, pp. 56\u201360 (2017). https:\/\/doi.org\/10.1145\/3077584.3077593","DOI":"10.1145\/3077584.3077593"},{"key":"25_CR68","doi-asserted-by":"crossref","unstructured":"Chen, X., Chen, L.: Chen, Chen Factors that influence employees\u2019 security policy compliance behavior DECISION SCIENCES INSTITUTE Factors that influence employees\u2019 security policy compliance behavior: an Awareness-Motivation-Capability (AMC) perspective (2016)","DOI":"10.1080\/08874417.2016.1258679"},{"key":"25_CR69","doi-asserted-by":"publisher","first-page":"673","DOI":"10.1016\/j.cose.2012.04.004","volume":"31","author":"K Padayachee","year":"2012","unstructured":"Padayachee, K.: Taxonomy of compliant information security behavior. Comput. Secur. 31, 673\u2013680 (2012). https:\/\/doi.org\/10.1016\/j.cose.2012.04.004","journal-title":"Comput. Secur."},{"key":"25_CR70","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1016\/j.ijinfomgt.2018.10.017","volume":"45","author":"L Li","year":"2019","unstructured":"Li, L., He, W., Xu, L., Ash, I., Anwar, M., Yuan, X.: Investigating the impact of cybersecurity policy awareness on employees\u2019 cybersecurity behavior. Int. J. Inf. Manag. 45, 13\u201324 (2019). https:\/\/doi.org\/10.1016\/j.ijinfomgt.2018.10.017","journal-title":"Int. J. Inf. Manag."},{"key":"25_CR71","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1080\/19393555.2019.1643956","volume":"28","author":"A Nasir","year":"2019","unstructured":"Nasir, A., Arshah, R.A., Rashid, M., Hamid, A.: A dimension-based information security culture model and its relationship with employees\u2019 security behavior: a case study in Malaysian higher educational institutions. Inf. Secur. J. A Glob. Perspect. 28, 55\u201380 (2019). https:\/\/doi.org\/10.1080\/19393555.2019.1643956","journal-title":"Inf. Secur. J. A Glob. Perspect."},{"key":"25_CR72","doi-asserted-by":"publisher","unstructured":"Chen, X., Chen, L., Wu, D., Perspective, A.: Factors that influence employees\u2019 security policy compliance: an awareness-motivation-capability perspective. J. Comput. Inf. Syst. 58, 312\u2013324 (2018). https:\/\/doi.org\/10.1080\/08874417.2016.1258679","DOI":"10.1080\/08874417.2016.1258679"},{"key":"25_CR73","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1016\/j.cose.2018.09.016","volume":"80","author":"M Rajab","year":"2019","unstructured":"Rajab, M., Eydgahi, A.: Evaluating the explanatory power of theoretical frameworks on intention to comply with information security policies in higher education. Comput. Secur. 80, 211\u2013223 (2019). https:\/\/doi.org\/10.1016\/j.cose.2018.09.016","journal-title":"Comput. Secur."},{"key":"25_CR74","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101998","volume":"98","author":"R Palanisamy","year":"2020","unstructured":"Palanisamy, R., Norman, A.A., Kiah, M.L.M.: Compliance with bring your own device security policies in organizations: a systematic literature review. Comput. Secur. 98, 101998 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101998","journal-title":"Comput. Secur."},{"key":"25_CR75","doi-asserted-by":"publisher","unstructured":"Chen, H., Li, W.: Understanding commitment and apathy in is security extra-role behavior from a person-organization fit perspective, 3001 (2019). https:\/\/doi.org\/10.1080\/0144929X.2018.1539520","DOI":"10.1080\/0144929X.2018.1539520"},{"key":"25_CR76","doi-asserted-by":"publisher","first-page":"1","DOI":"10.3390\/su12208576","volume":"12","author":"RF Ali","year":"2020","unstructured":"Ali, R.F., Dominic, P.D.D., Ali, K.: Organizational governance, social bonds and information security policy compliance: a perspective towards oil and gas employees. Sustainability 12, 1\u201327 (2020). https:\/\/doi.org\/10.3390\/su12208576","journal-title":"Sustainability"},{"key":"25_CR77","doi-asserted-by":"crossref","unstructured":"Siponen, M., Vance, A.: Neutralization: new insights into the problem of employee information systems security policy violations. MIS Q. 34, 487\u2013502 (2010)","DOI":"10.2307\/25750688"},{"key":"25_CR78","doi-asserted-by":"publisher","first-page":"6765","DOI":"10.1007\/s00500-018-3354-z","volume":"22","author":"M Choi","year":"2018","unstructured":"Choi, M., Song, J.: Social control through deterrence on the compliance with information security policy. Soft. Comput. 22, 6765\u20136772 (2018). https:\/\/doi.org\/10.1007\/s00500-018-3354-z","journal-title":"Soft. Comput."},{"key":"25_CR79","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1108\/IMCS-08-2012-0045","volume":"22","author":"T Sommestad","year":"2014","unstructured":"Sommestad, T., Hallberg, J., Lundholm, K., Bengtsson, J.: Variables influencing information security policy compliance: a systematic review of quantitative studies. Inf. Manag. Comput. Secur. 22, 42\u201375 (2014). https:\/\/doi.org\/10.1108\/IMCS-08-2012-0045","journal-title":"Inf. Manag. Comput. Secur."},{"key":"25_CR80","doi-asserted-by":"crossref","unstructured":"Siponen, M., Pahnila, S., Mahmood, M.A.: Compliance with information security policies. IEEE Comput. Soc. 43, 64\u201371 (2010)","DOI":"10.1109\/MC.2010.35"},{"key":"25_CR81","doi-asserted-by":"publisher","first-page":"53","DOI":"10.4018\/irmj.2018010103","volume":"31","author":"P Ifinedo","year":"2017","unstructured":"Ifinedo, P.: Roles of organizational climate, social bonds, and perceptions of security threats on is security policy compliance intentions. Inf. Resour. Manag. J. 31, 53\u201382 (2017). https:\/\/doi.org\/10.4018\/irmj.2018010103","journal-title":"Inf. Resour. Manag. J."},{"key":"25_CR82","doi-asserted-by":"publisher","first-page":"68","DOI":"10.4018\/ijhcitp.2017070105","volume":"8","author":"Y Choi","year":"2017","unstructured":"Choi, Y.: Human resource management and security policy compliance. Int. J. Hum. Cap. Inf. Technol. Prof. 8, 68\u201381 (2017). https:\/\/doi.org\/10.4018\/ijhcitp.2017070105","journal-title":"Int. J. Hum. Cap. Inf. Technol. Prof."},{"key":"25_CR83","unstructured":"Alfawaz, S., Nelson, K., Mohannak, K.: Information security culture: a behaviour compliance conceptual framework BT. In: 8th Australasian Information Security Conference, AISC 2010, 19 January\u201320 January, 2010. Conferences in Research and Practice in Information Technology Series, vol. 105, pp. 47\u201355 (2010)"},{"key":"25_CR84","doi-asserted-by":"publisher","unstructured":"D\u2019Arcy, J.D., Hovav, A., Galletta, D.: User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach (2009). https:\/\/doi.org\/10.1287\/isre.1070.0160","DOI":"10.1287\/isre.1070.0160"},{"key":"25_CR85","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1080\/08874417.2017.1368421","volume":"59","author":"T Sommestad","year":"2019","unstructured":"Sommestad, T., Karlz\u00e9n, H., Hallberg, J.: The theory of planned behavior and information security policy compliance. J. Comput. Inf. Syst. 59, 344\u2013353 (2019). https:\/\/doi.org\/10.1080\/08874417.2017.1368421","journal-title":"J. Comput. Inf. Syst."},{"key":"25_CR86","unstructured":"Coertze, J.: A framework for information security governance in SMMEs (2012)"},{"key":"25_CR87","unstructured":"Fitzgerald, T.: Information security governance simplified from the boardroom to the keyboard (2019)"},{"key":"25_CR88","doi-asserted-by":"publisher","unstructured":"Ohki, E., Harada, Y., Kawaguchi, S., Shiozaki, T., Kagaya, T.: Information security governance framework (2009). https:\/\/doi.org\/10.1145\/1655168.1655170","DOI":"10.1145\/1655168.1655170"},{"key":"25_CR89","doi-asserted-by":"publisher","DOI":"10.1016\/j.tourman.2021.104282","volume":"84","author":"X Wang","year":"2021","unstructured":"Wang, X., Xu, J.: Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry. Tour. Manag. 84, 104282 (2021). https:\/\/doi.org\/10.1016\/j.tourman.2021.104282","journal-title":"Tour. Manag."},{"key":"25_CR90","doi-asserted-by":"crossref","unstructured":"Shava, E., Mazenda, A.: Ethics in South African public administration: a critical review (2021)","DOI":"10.1504\/IJMP.2021.115107"},{"key":"25_CR91","unstructured":"OECD.: Public Sector Integrity Management Framework. p. 33 (2005)"}],"container-title":["Communications in Computer and Information Science","Advanced Research in Technologies, Information, Innovation and Sustainability"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-84078-4_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,12]],"date-time":"2025-03-12T19:06:47Z","timestamp":1741806407000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-84078-4_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031840777","9783031840784"],"references-count":91,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-84078-4_25","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"13 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ARTIIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santiago de Chile","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Chile","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"artiis2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.artiis.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}