{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T10:14:17Z","timestamp":1780481657023,"version":"3.54.1"},"reference-count":43,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2014,11,10]],"date-time":"2014-11-10T00:00:00Z","timestamp":1415577600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,11,10]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>\u2013 The purpose of this paper is to examine the influence of security-related and employment relationship factors on employees\u2019 security compliance decisions. A major challenge for organizations is encouraging employee compliance with security policies, procedures and guidelines. Specifically, we predict that security culture, job satisfaction and perceived organizational support have a positive effect on employees\u2019 security compliance intentions.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>\u2013 This study used a survey approach for data collection. Data were collected using two online surveys that were administered at separate points in time.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>\u2013 Our results provide empirical support for security culture as a driver of employees\u2019 security compliance in the workplace. Another finding is that an employee\u2019s feeling of job satisfaction influences his\/her security compliance intention, although this relationship appears to be contingent on the employee\u2019s position, tenure and industry. Surprisingly, we also found a negative relationship between perceived organizational support and security compliance intention.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>\u2013 Our results provide one of the few empirical validations of security culture, and we recognize its multidimensional nature as conceptualized through top management commitment to security (TMCS), security communication and computer monitoring. We also extend security compliance research by considering the influence of employment relationship factors drawn from the organizational behavior literature.<\/jats:p><\/jats:sec>","DOI":"10.1108\/imcs-08-2013-0057","type":"journal-article","created":{"date-parts":[[2014,10,30]],"date-time":"2014-10-30T09:09:22Z","timestamp":1414660162000},"page":"474-489","source":"Crossref","is-referenced-by-count":120,"title":["Security culture and the employment relationship as drivers of employees\u2019 security compliance"],"prefix":"10.1108","volume":"22","author":[{"given":"John","family":"D'Arcy","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gwen","family":"Greene","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"140","reference":[{"key":"key2020122800262704200_b1","doi-asserted-by":"crossref","unstructured":"Albrechtsen, E. (2007), \u201cA qualitative study of users\u2019 view on information security\u201d, Computers & Security , Vol. 26 No. 4, pp. 276-289.","DOI":"10.1016\/j.cose.2006.11.004"},{"key":"key2020122800262704200_b2","doi-asserted-by":"crossref","unstructured":"Allaire, Y. and Firsirotu, M.E. (1984), \u201cTheories of organizational culture\u201d, Organization Studies , Vol. 5 No. 3, pp. 193-226.","DOI":"10.1177\/017084068400500301"},{"key":"key2020122800262704200_b3","doi-asserted-by":"crossref","unstructured":"Alvesson, M. (2002), Understanding Organizational Culture , Sage, London.","DOI":"10.4135\/9781446280072"},{"key":"key2020122800262704200_b4","doi-asserted-by":"crossref","unstructured":"Bagozzi, R.P. and Phillips, L.W. (1991), \u201cAssessing construct validity in organizational research\u201d, Administrative Science Quarterly , Vol. 36 No. 3, pp. 421-458.","DOI":"10.2307\/2393203"},{"key":"key2020122800262704200_b5","doi-asserted-by":"crossref","unstructured":"Beautement, A. and Sasse, A. (2009), \u201cThe economics of user effort in information security\u201d, Computer Fraud & Security , Vol. 10, pp. 8-12.","DOI":"10.1016\/S1361-3723(09)70127-7"},{"key":"key2020122800262704200_b6","doi-asserted-by":"crossref","unstructured":"Boss, S.R. , Kirsch, L.J. , Angermeier, I. , Shingler, R.A. and Boss, R.W. (2009), \u201cIf someone is watching, I\u2019ll do what I\u2019m asked: mandatoriness, control, and information security\u201d, European Journal of Information Systems , Vol. 18 No. 2, pp. 151-164.","DOI":"10.1057\/ejis.2009.8"},{"key":"key2020122800262704200_b7","doi-asserted-by":"crossref","unstructured":"Brayfield, A.H. and Rothe, H.F. (1951), \u201cAn index of job satisfaction\u201d, Journal of Applied Psychology , Vol. 35 No. 5, pp. 307-311.","DOI":"10.1037\/h0055617"},{"key":"key2020122800262704200_b8","doi-asserted-by":"crossref","unstructured":"Chan, M. , Woon, I. and Kankanhalli, A. (2005), \u201cPerceptions of information security at the workplace: linking information security climate to compliant behavior\u201d, Journal of Information Privacy & Security , Vol. 1 No. 3, pp. 18-41.","DOI":"10.1080\/15536548.2005.10855772"},{"key":"key2020122800262704200_b9","doi-asserted-by":"crossref","unstructured":"Chang, S.E. and Lin, C.-S. (2007), \u201cExploring organizational culture for information security management\u201d, Industrial Management & Data Systems , Vol. 107 No. 3, pp. 438-458.","DOI":"10.1108\/02635570710734316"},{"key":"key2020122800262704200_b10","unstructured":"Chin, W. (2000), \u201cFrequently asked questions-partial least squares & pls graph\u201d, available at: http:\/\/disc-nt.cba.uh.edu\/chin\/plsfaq.htm"},{"key":"key2020122800262704200_b12","unstructured":"D\u2019Arcy, J. and Greene, G. (2009), \u201cThe multifaceted nature of security culture and its influence on end user behavior\u201d, in Proceedings of IFIP TC8 International Workshop on Information Systems Security Research, Cape Town, pp. 145-157."},{"key":"key2020122800262704200_b11","doi-asserted-by":"crossref","unstructured":"D\u2019Arcy, J. , Hovav, A. and Galletta, D.G. (2009), \u201cUser awareness of security countermeasures and its impact on information systems misuse: a deterrence approach\u201d, Information Systems Research , Vol. 20 No. 1, pp. 79-98.","DOI":"10.1287\/isre.1070.0160"},{"key":"key2020122800262704200_b13","doi-asserted-by":"crossref","unstructured":"Deal, T. and Kennedy, A. (1982), Corporate Cultures: The Rites and Rituals of Corporate Life , Addison-Wesley, Reading, MA.","DOI":"10.1016\/0007-6813(83)90092-7"},{"key":"key2020122800262704200_b48","doi-asserted-by":"crossref","unstructured":"Eisenberger, R. , Huntington, R. , Hutchison, S. and Sowa, D. (1986), \u201cPerceived organizational support\u201d, Journal of Applied Psychology , Vol. 71 No. 3, pp. 500-507.","DOI":"10.1037\/0021-9010.71.3.500"},{"key":"key2020122800262704200_b14","unstructured":"Finch, J.H. , Furnell, S.M. and Dowland, P.S. (2003), \u201cAssessing IT security culture: system administrator and end-user\u201d, in Proceedings of the ISOneWorld Conference, Las Vegas, NV."},{"key":"key2020122800262704200_b15","unstructured":"Hatch, M.J. and Cunliffe, A.L. (2012), Organization Theory: Modern Symbolic and Postmodern Perspectives , 3rd ed., Oxford University Press, New York, NY."},{"key":"key2020122800262704200_b16","doi-asserted-by":"crossref","unstructured":"Herath, T. and Rao, H.R. (2009), \u201cProtection motivation and deterrence: a framework for security policy compliance in organisations\u201d, European Journal of Information Systems , Vol. 18 No. 2, pp. 106-125.","DOI":"10.1057\/ejis.2009.6"},{"key":"key2020122800262704200_b17","doi-asserted-by":"crossref","unstructured":"Hu, Q. , Dinev, T. , Hart, P. and Cooke, D. (2012), \u201cManaging employee compliance with information security policies: the critical role of top management and organizational culture\u201d, Decision Sciences , Vol. 43 No. 4, pp. 615-660.","DOI":"10.1111\/j.1540-5915.2012.00361.x"},{"key":"key2020122800262704200_b18","doi-asserted-by":"crossref","unstructured":"Judge, T.A. , Bono, J.E. , Thoreson, C.J. and Patton, G.K. (2001), \u201cThe job satisfaction \u2013 job performance relationship: a qualitative and quantitative review\u201d, Psychological Bulletin , Vol. 127 No. 3, pp. 376-407.","DOI":"10.1037\/0033-2909.127.3.376"},{"key":"key2020122800262704200_b19","doi-asserted-by":"crossref","unstructured":"Kaplan, S. , Bradley, J.C. , Luchman, J.N. and Haynes, D. (2009), \u201cOn the role of positive and negative affectivity in job performance: a meta-analytic investigation\u201d, Journal of Applied Psychology , Vol. 94 No. 1, pp. 162-176.","DOI":"10.1037\/a0013115"},{"key":"key2020122800262704200_b20","doi-asserted-by":"crossref","unstructured":"Knapp, K.J. (2006), \u201cInformation security: management\u2019s effect on culture and policy\u201d, Information Management & Computer Security , Vol. 14 No. 1, pp. 24-36.","DOI":"10.1108\/09685220610648355"},{"key":"key2020122800262704200_b21","unstructured":"Knapp, K.J. , Marshall, T.E. , Rainer, R.K. and Ford, F.N. (2005), \u201cManagerial dimensions in information security: a theoretical model of organizational effectiveness\u201d, ISC2 Inc and Auburn University Research Report, Framingham, MA and Auburn, AL."},{"key":"key2020122800262704200_b22","doi-asserted-by":"crossref","unstructured":"LePine, J.A. , Erez, A. and Johnson, D.E. (2002), \u201cThe nature and dimensionality of organizational citizenship behavior: a critical review and meta-analysis\u201d, Journal of Applied Psychology , Vol. 87 No. 1, pp. 52-65.","DOI":"10.1037\/0021-9010.87.1.52"},{"key":"key2020122800262704200_b23","doi-asserted-by":"crossref","unstructured":"MacKenzie, S.B. , Podsakoff, P.M. and Podsakoff, N.P. (2011), \u201cConstruct measurement and validation procedures in MIS and behavioral research: integrating new and existing techniques\u201d, MIS Quarterly , Vol. 35 No. 2, pp. 293-334.","DOI":"10.2307\/23044045"},{"key":"key2020122800262704200_b24","doi-asserted-by":"crossref","unstructured":"Martin, J. , Frost, P.J. and O\u2019Neill, O.A. (2006), \u201cOrganizational culture: beyond struggles for intellectual dominance\u201d, in Clegg, , S. , Hardy, , C. , Nord, , W. , Lawrence, and T. (Eds), Handbook of Organization Studies , 2nd ed., Sage Publications, London, pp. 725-753.","DOI":"10.4135\/9781848608030.n26"},{"key":"key2020122800262704200_b25","doi-asserted-by":"crossref","unstructured":"Petter, S. , Straub, D. and Rai, A. (2007), \u201cSpecifying formative constructs in information systems research\u201d, MIS Quarterly , Vol. 31 No. 4, pp. 623-656.","DOI":"10.2307\/25148814"},{"key":"key2020122800262704200_b26","doi-asserted-by":"crossref","unstructured":"Pettigrew, A.M. (1979), \u201cOn studying organizational cultures\u201d, Administrative Science Quarterly , Vol. 24 No. 4, pp. 570-581.","DOI":"10.2307\/2392363"},{"key":"key2020122800262704200_b27","doi-asserted-by":"crossref","unstructured":"Podsakoff, P.M. , MacKenzie, S.B. , Lee, J.Y. and Podsakoff, N.P. (2003), \u201cCommon method biases in behavioral research: a critical review of the literature and recommended remedies\u201d, Journal of Applied Psychology , Vol. 88 No. 5, pp. 879-903.","DOI":"10.1037\/0021-9010.88.5.879"},{"key":"key2020122800262704200_b28","doi-asserted-by":"crossref","unstructured":"Predd, J. , Pfleeger, S.L. , Hunker, J. and Bulford, C. (2008), \u201cInsiders behaving badly\u201d, IEEE Security & Privacy , Vol. 6 No. 4, pp. 66-70.","DOI":"10.1109\/MSP.2008.87"},{"key":"key2020122800262704200_b29","doi-asserted-by":"crossref","unstructured":"Puhakainen, P. and Siponen, M. (2010), \u201cImproving employees\u2019 compliance through information systems security training: an action research study\u201d, MIS Quarterly , Vol. 34 No. 4, pp. 757-778.","DOI":"10.2307\/25750704"},{"key":"key2020122800262704200_b30","doi-asserted-by":"crossref","unstructured":"Rhoades, L. and Eisenberger, R. (2002), \u201cPerceived organizational support: a review of the literature\u201d, Journal of Applied Psychology , Vol. 87 No. 4, pp. 698-714.","DOI":"10.1037\/0021-9010.87.4.698"},{"key":"key2020122800262704200_b31","doi-asserted-by":"crossref","unstructured":"Ruighaver, S.B. , Maynard, S.B. and Chang, S. (2007), \u201cOrganisational security culture: extending the end-user perspective\u201d, Computers & Security , Vol. 25 No. 1, pp. 56-62.","DOI":"10.1016\/j.cose.2006.10.008"},{"key":"key2020122800262704200_b32","doi-asserted-by":"crossref","unstructured":"Settoon, R.P. , Bennett, N. and Liden, R.C. (1996), \u201cSocial exchange in organizations: perceived organizational support, leader-member exchange, and employee reciprocity\u201d, Journal of Applied Psychology , Vol. 81 No. 3, pp. 219-227.","DOI":"10.1037\/0021-9010.81.3.219"},{"key":"key2020122800262704200_b33","doi-asserted-by":"crossref","unstructured":"Siponen, M. , Mahmood, M.A. and Pahnila, S. (2009), \u201cAre employees putting your company at risk by not following information security policies?\u201d, Communications of the ACM , Vol. 52 No. 12, pp. 145-147.","DOI":"10.1145\/1610252.1610289"},{"key":"key2020122800262704200_b34","unstructured":"Stanton, J.M. and Stam, K.R. (2006), The Visible Employee , Information Today, Medford, NJ."},{"key":"key2020122800262704200_b35","doi-asserted-by":"crossref","unstructured":"Van Dyne, L. and Ang, S. (1998), \u201cOrganizational citizenship behavior of contingent workers in Singapore\u201d, Academy of Management Journal , Vol. 41 No. 6, pp. 692-703.","DOI":"10.2307\/256965"},{"key":"key2020122800262704200_b36","doi-asserted-by":"crossref","unstructured":"von Solms, R. and von Solms, B. (2004), \u201cFrom policies to culture\u201d, Computers & Security , Vol. 23 No. 4, pp. 275-279.","DOI":"10.1016\/j.cose.2004.01.013"},{"key":"key2020122800262704200_b37","doi-asserted-by":"crossref","unstructured":"Vroom, C. and von Solms, R. (2004), \u201cTowards information security behavioural compliance\u201d, Computers & Security , Vol. 23 No. 3, pp. 191-198.","DOI":"10.1016\/j.cose.2004.01.012"},{"key":"key2020122800262704200_b38","doi-asserted-by":"crossref","unstructured":"Warkentin, M. , Johnston, A.C. and Shropshire, J. (2011), \u201cThe influence of the informal social learning environment on information privacy policy compliance efficacy and intention\u201d, European Journal of Information Systems , Vol. 20 No. 3, pp. 267-284.","DOI":"10.1057\/ejis.2010.72"},{"key":"key2020122800262704200_b39","unstructured":"Westerman, G. and Hunter, R. (2007), IT Risk: Turning Business Threats into Competitive Advantage , Harvard Business School Press, Boston, MA."},{"key":"key2020122800262704200_b40","doi-asserted-by":"crossref","unstructured":"Wetzels, M. , Oderkerken-Schroder, G. and van Oppen, C. (2009), \u201cUsing PLS path modeling for assessing hierarchical construct models: guidelines and empirical illustration\u201d, MIS Quarterly , Vol. 33 No. 1, pp. 177-195.","DOI":"10.2307\/20650284"},{"key":"key2020122800262704200_b41","doi-asserted-by":"crossref","unstructured":"Williams, L.J. and Anderson, S.E. (1991), \u201cJob satisfaction and organizational commitment as predictors of organizational citizenship and in-role behaviors\u201d, Journal of Management , Vol. 17 No. 3, pp. 601-617.","DOI":"10.1177\/014920639101700305"},{"key":"key2020122800262704200_b42","unstructured":"Wilson, T. (2009), \u201cUnderstanding the danger within\u201d, InformationWeek Research Report, San Francisco, CA."}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/IMCS-08-2013-0057","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMCS-08-2013-0057\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMCS-08-2013-0057\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T21:50:47Z","timestamp":1753393847000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/22\/5\/474-489\/186876"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,11,10]]},"references-count":43,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2014,11,10]]}},"alternative-id":["10.1108\/IMCS-08-2013-0057"],"URL":"https:\/\/doi.org\/10.1108\/imcs-08-2013-0057","relation":{},"ISSN":["0968-5227"],"issn-type":[{"value":"0968-5227","type":"print"}],"subject":[],"published":{"date-parts":[[2014,11,10]]}}}