{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T03:54:44Z","timestamp":1776830084996,"version":"3.51.2"},"reference-count":32,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2015,3,9]],"date-time":"2015-03-09T00:00:00Z","timestamp":1425859200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,3,9]]},"abstract":"\n Purpose<\/jats:title>\n \u2013 This paper aims to investigate factors that impact the number of information security policy violations in Qatari organizations and to examine the moderating effect of Hofstede\u2019s cultural dimensions on the relationships between the independent factors and the number of information security policy violations. <\/jats:p>\n <\/jats:sec>\n \n Design\/methodology\/approach<\/jats:title>\n \u2013 Grounded in related theories from the fields of criminology, behavioral psychology and theory of planned behavior, two components that affect the number of information security policy violations were identified. A quantitative approach was used by developing a questionnaire survey to collect the data. The research model was tested using 234 employees from different Qatari organizations. <\/jats:p>\n <\/jats:sec>\n \n Findings<\/jats:title>\n \u2013 The results of the study indicate that trust, the impact of implementing information security policy on work environment and the clarity of the scope of the information security policy were significant factors in predicting the number of information security policy violations. The findings also reveal that cultural dimensions such as uncertainty avoidance and collectivism moderate the relationships between trust, clarity of policy scope and impact of information security policy on work environment and the number information security policy violations. <\/jats:p>\n <\/jats:sec>\n \n Research limitations\/implications<\/jats:title>\n \u2013 The generalizability of the results is limited because the sample of the study was drawn from only one developing country. Therefore, a plausible future research could be testing the proposed model in many developing and developed countries. <\/jats:p>\n <\/jats:sec>\n \n Practical implications<\/jats:title>\n \u2013 The paper includes practical implications for developing and implementing security measures and policies in diversified work environments. <\/jats:p>\n <\/jats:sec>\n \n Originality\/value<\/jats:title>\n \u2013 This study fulfils a gap in investigating the factors that influence the number of information security policy violations and the moderating effect of cultural dimensions in developing countries such as Qatar.<\/jats:p>\n <\/jats:sec>","DOI":"10.1108\/ics-03-2014-0018","type":"journal-article","created":{"date-parts":[[2015,2,26]],"date-time":"2015-02-26T06:35:30Z","timestamp":1424932530000},"page":"102-118","source":"Crossref","is-referenced-by-count":20,"title":["An examination of factors that influence the number of information security policy violations in Qatari organizations"],"prefix":"10.1108","volume":"23","author":[{"given":"Hasan M.","family":"Al-Mukahal","sequence":"first","affiliation":[]},{"given":"Khaled","family":"Alshare","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2020122523570598400_b1","doi-asserted-by":"crossref","unstructured":"Ajzen, I.\n (1991), \u201cThe theory of planned behavior\u201d, \n Organizational Behavior and Human Decision Processes\n , Vol. 50 No. 2, pp. 179-211.","DOI":"10.1016\/0749-5978(91)90020-T"},{"key":"key2020122523570598400_b2","unstructured":"AlgoSec\n (2013), \u201cThe state of network security 2013: attitudes and opinions\u201d, AlgoSec, available at: www.algosec.com\/resources\/files\/Specials\/Survey%20files\/State%20of%20Network%20Security%202013_Final%20Report.pdf (accessed 10 May 2014)."},{"key":"key2020122523570598400_b3","unstructured":"Al-Share, K.\n and \n Lane, P.\n (2008), \u201cA conceptual model for explaining violations of the information security policy (ISP): a cross cultural perspective\u201d, AMCIS 2008 Proceedings, Toronto, ON, 14-17 August."},{"key":"key2020122523570598400_b4","doi-asserted-by":"crossref","unstructured":"Asai, T.\n and \n Hakizabera, A.U.\n (2010), \u201cEmpirical analysis of human-related problems of information security in cross-cultural environments (East African Community)\u201d, \n Information Management and Computer Security\n , Vol. 18 No. 5, pp. 328-338.","DOI":"10.1108\/09685221011095245"},{"key":"key2020122523570598400_b5","doi-asserted-by":"crossref","unstructured":"Asai, T.\n and \n Hakizabera, A.U.\n (2011), \u201cHuman-related problems in information security in Thai Cross-Cultural Environments\u201d, \n Contemporary Management Research\n , Vol. 7 No. 2, pp. 117-142.","DOI":"10.7903\/cmr.6191"},{"key":"key2020122523570598400_b6","unstructured":"Boulder, C.O.\n (2010), \u201cNew webroot survey reveals poor password practices that may put consumers\u2019 identities at risk\u201d, available at: www.webroot.com (accessed 2 October 2013)."},{"key":"key2020122523570598400_b7","unstructured":"Ciganek, A.\n and \n Francia, G.\n (2009), \u201cThe impact of culture on global information security regulations\u201d, Proceedings of the Southern Association for Information Systems Conferences, Charleston, SC, 12-14 March."},{"key":"key2020122523570598400_b8","unstructured":"Cisco Systems\n (2008), \u201cData leakage worldwide: the effectiveness of security policies\u201d, Cisco Public Information, available at: www.cisco.com (accessed 2 October 2013)."},{"key":"key2020122523570598400_b9","doi-asserted-by":"crossref","unstructured":"Cox, J.\n (2012), \u201cInformation systems user security: a structured model of the knowing\u2013doing gap\u201d, \n Computers in Human Behavior\n , Vol. 28 No. 5, pp. 1849-1858.","DOI":"10.1016\/j.chb.2012.05.003"},{"key":"key2020122523570598400_b10","unstructured":"Dilulio, J.\n (2010), \u201cDeterrence theory\u201d, available at: http:\/\/marisluste.files.wordpress.com\/2010\/11\/deterrence-theory.pdf (accessed 10 October 2013)."},{"key":"key2020122523570598400_b11","doi-asserted-by":"crossref","unstructured":"Dinev, T.\n , \n Hu, Q.\n , \n Xu, Z.\n and \n Ling, H.\n (2011), \u201cDoes deterrence work in reducing information security policy abuse by employees\u201d, \n Association for Computer Machinery\n , Vol. 54 No. 6, pp. 54-60.","DOI":"10.1145\/1953122.1953142"},{"key":"key2020122523570598400_b12","unstructured":"Dols, T.\n and \n Silvius, G.\n (2010), \u201cExploring the influence of national cultures on non-compliance behavior\u201d, \n Communications of the IIMA\n , Vol. 10 No. 3, pp. 11-32."},{"key":"key2020122523570598400_b13","unstructured":"Durgin, M.\n (2007), \u201cUnderstanding the importance of and implementing internal security measures\u201d, SANS Institute, InfoSec Reading Room, available at: www.sans.org (accessed 2 October 2013)."},{"key":"key2020122523570598400_b14","unstructured":"Gilbert, E.\n and \n Mitra, T.\n (2012), \u201cHave you heard? How gossip flows through workplace email\u201d, Proceedings of the Sixth International Conference on Weblogs and Social Media, Trinity College, Dublin, June 2012."},{"key":"key2020122523570598400_b15","unstructured":"Glaser, T.\n (2009), \n Culture and Information Security: Outsourcing IT Services in China\n , OPUS Publications, University of Berlin, Berlin."},{"key":"key2020122523570598400_b16","doi-asserted-by":"crossref","unstructured":"Grasmick, H.G.\n and \n Bursik, R.J.\n (1990), \u201cConscience, significant others and rational choice\u201d, \n Law and Society Review\n , Vol. 24 No. 3, pp. 837-862.","DOI":"10.2307\/3053861"},{"key":"key2020122523570598400_b17","unstructured":"Hair, J.\n , \n Black, B. Babin, B.\n , \n Anderson, R.\n and \n Tatham, R.\n (2006), \n Multivariate Data Analysis\n , Prentice Hall, Upper Saddle River, NJ."},{"key":"key2020122523570598400_b18","unstructured":"Hofstede, G.\n (1997), \n Cultures and Organizations. Software of the Mind. Intercultural Cooperation and its Importance for Survival\n , McGraw-Hill, NJ."},{"key":"key2020122523570598400_b19","unstructured":"Ikonen, M.\n and \n Savolainen, T.\n (2013), \u201cDoes it enhance human resource management? A narrative approach to trust development in work relationships\u201d, Proceedings of International Conference on Management, Leadership and Governance, Bangkok University, Bangkok, 7-8 February, pp. 174-179."},{"key":"key2020122523570598400_b20","doi-asserted-by":"crossref","unstructured":"J\u00f8sang, A.\n (1997), \u201cProspectives for modelling trust in information security\u201d, Proceedings of Second Australasian Conference, ACISP\u2019, NSW, July 7-9, 1997, pp. 2-13.","DOI":"10.1007\/BFb0027928"},{"key":"key2020122523570598400_b21","unstructured":"Kelleher, D.\n (2009), \u201cSecurity education: ineffective or the wrong approach?\u201d, available at: www.gfi.com (accessed 2 October 2013)."},{"key":"key2020122523570598400_b22","unstructured":"Klockars, C.\n (1974), \n Professional Fence\n , Free Press, New York, NY."},{"key":"key2020122523570598400_b23","doi-asserted-by":"crossref","unstructured":"Nagin, S.\n and \n Paternoster, R.\n (1993), \u201cEnduring individual differences and rational choice theories of crime\u201d, \n Law and Society Review\n , Vol. 27 No. 3, pp. 467-496.","DOI":"10.2307\/3054102"},{"key":"key2020122523570598400_b24","unstructured":"Prasarnphanich, P.\n (2007), \u201cDoes trust matter to develop customer loyalty in online business?\u201d, Proceedings of the 24th South East Asia Regional Computer Conference, Bangkok, 18-19 November, pp. 231-237."},{"key":"key2020122523570598400_b25","unstructured":"Protiviti\n (2012), \u201cWarning over ineffectiveness of information security awareness training within UK business\u201d, available at: www.protiviti.com (accessed 2 October 2013)."},{"key":"key2020122523570598400_b26","doi-asserted-by":"crossref","unstructured":"Siponen, M.\n and \n Vance, A.\n (2010), \u201cNeutralization: new insight into the problem of employee IS security policy violations\u201d, \n MIS Quarterly\n , Vol. 34 No. 3, pp. 487-502.","DOI":"10.2307\/25750688"},{"key":"key2020122523570598400_b28","unstructured":"Software Engineering Institute\n (2013), \n Unintentional Insider Threats: A Foundational Study\n , Carnegie Mellon University, Pittsburgh, PA."},{"key":"key2020122523570598400_b29","doi-asserted-by":"crossref","unstructured":"Sykes, G.\n and \n Matza, D.\n (1957), \u201cTechniques of neutralization: a theory of delinquency\u201d, \n American Sociological Review\n , Vol. 22 No. 6, pp. 664-670.","DOI":"10.2307\/2089195"},{"key":"key2020122523570598400_b30","doi-asserted-by":"crossref","unstructured":"Vance, A.\n and \n Siponen, M.\n (2012), \u201cIS security policy violations: a rational choice perspective\u201d, \n Journal of Organizational and End User Computing\n , Vol. 24 No. 1, pp. 21-41.","DOI":"10.4018\/joeuc.2012010102"},{"key":"key2020122523570598400_b31","doi-asserted-by":"crossref","unstructured":"Waluyan, L.\n , \n Blos, M.\n , \n Noguera, S.\n and \n Asai, T.\n (2010), \u201cPotential problems in people management concerning information security in cross-cultural environment \u2013 The case of Brazil\u201d, \n Journal of Information Processing Society of Japan\n , Vol. 51 No. 2, pp. 613-623.","DOI":"10.2197\/ipsjjip.18.38"},{"key":"key2020122523570598400_b32","unstructured":"Yalya, A.\n (2011), \u201cEnforcing information security policies through cultural boundaries: a multinational company approach\u201d, Proceedings of ECIS Conference, Helsinki, 9-11 June, pp. 234-245."},{"key":"key2020122523570598400_frd1","unstructured":"Siponen, M.\n , \n Pahnila, S.\n and \n Vance, A.\n (2012), \u201cMotivating IS security policy compliance: insights from habits and protection motivation theory\u201d, \n Journal of Information and Management\n , Vol. 49 Nos 3\/4, pp. 190-198."}],"container-title":["Information & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/ICS-03-2014-0018","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-03-2014-0018\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-03-2014-0018\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:22:44Z","timestamp":1753406564000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/23\/1\/102-118\/111040"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,3,9]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2015,3,9]]}},"alternative-id":["10.1108\/ICS-03-2014-0018"],"URL":"https:\/\/doi.org\/10.1108\/ics-03-2014-0018","relation":{},"ISSN":["2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2015,3,9]]}}}