{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T16:35:58Z","timestamp":1780072558043,"version":"3.54.0"},"reference-count":69,"publisher":"Emerald","issue":"2","license":[{"start":{"date-parts":[[2020,5,12]],"date-time":"2020-05-12T00:00:00Z","timestamp":1589241600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ITP"],"published-print":{"date-parts":[[2020,5,12]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title><jats:p>Employee compliance with information system security policies (ISSPs) has been emphasized as a key factor in protecting information assets against insider threats. Even though previous studies have identified extrinsic factors (in the form of external pressure, rewards and social norms) influencing employee compliance, the functioning of employees' intrinsic motivation has not been clearly analyzed. Thus, the aim of this study is to explore the influence of intrinsic motivations on employees' ISSP compliance.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title><jats:p>This study follows a survey approach and conducts structural equation modeling using WarpPLS 5.0 to test the research model and hypotheses. The survey respondents are users of an enterprise digital rights management (EDRM) system.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Findings<\/jats:title><jats:p>The analysis results demonstrate that work impediments, perceived responsibility and self-efficacy significantly influence the intention to comply with ISSP. Additionally, autonomy significantly affects self-efficacy and perceived responsibility. Furthermore, autonomy plays a moderating role in the relationship between work impediment and ISSP compliance intentions.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title><jats:p>This study initiatively explores the effect of intrinsic motivations on ISSP compliance intention of employees for a specific information security system (i.e. the EDRM system). This study clarifies the enabling role of intrinsic motivations in ISSP compliance and helps organizations to understand that employee's self-motivated intention, i.e. autonomy, is an essential factor that achieves a higher level of ISSP compliance in the workplace.<\/jats:p><\/jats:sec>","DOI":"10.1108\/itp-05-2018-0256","type":"journal-article","created":{"date-parts":[[2020,5,12]],"date-time":"2020-05-12T10:18:04Z","timestamp":1589278684000},"page":"599-616","source":"Crossref","is-referenced-by-count":21,"title":["Exploring the role of intrinsic motivation in ISSP compliance: enterprise digital rights management system case"],"prefix":"10.1108","volume":"34","author":[{"given":"Soohyun","family":"Jeon","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Insoo","family":"Son","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jinyoung","family":"Han","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"140","reference":[{"issue":"1","key":"key2021031214204312200_ref500","first-page":"1","article-title":"IT road warriors: balancing work-family conflict, job autonomy, and work overload to mitigate turnover intentions","volume":"33","year":"2007","journal-title":"MIS Quarterly"},{"key":"key2021031214204312200_ref001","first-page":"1041","article-title":"Theory of workarounds","volume":"34","year":"2014","journal-title":"Communications of the Association for Information Systems"},{"issue":"3","key":"key2021031214204312200_ref002","doi-asserted-by":"crossref","first-page":"613","DOI":"10.2307\/25750694","article-title":"Practicing safe computing: a multimedia empirical examination of home computer user security behavioral intentions","volume":"34","year":"2010","journal-title":"MIS Quarterly"},{"issue":"2","key":"key2021031214204312200_ref003","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1080\/15536548.2012.10845654","article-title":"An exploratory analysis of data breaches from 2005-2011: trends and insights","volume":"8","year":"2012","journal-title":"Journal of Information Privacy and Security"},{"issue":"1","key":"key2021031214204312200_ref004","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1146\/annurev.psych.52.1.1","article-title":"Social cognitive theory: an agentic perspective","volume":"52","year":"2001","journal-title":"Annual Review of Psychology"},{"issue":"3","key":"key2021031214204312200_ref005","doi-asserted-by":"crossref","first-page":"523","DOI":"10.2307\/25750690","article-title":"Information security policy compliance: an empirial study of rationality-based beliefs and information security awareness","volume":"34","year":"2010","journal-title":"MIS Quartely"},{"key":"key2021031214204312200_ref006","first-page":"315","article-title":"Partial least squares is to lisrel as principal components analysis is to common factor analysis","volume":"2","year":"1995","journal-title":"Technology Studies"},{"issue":"2","key":"key2021031214204312200_ref007","first-page":"295","article-title":"The partial least squares approach to structural equation modeling","volume":"295","year":"1998","journal-title":"Modern Methods for Business Research"},{"key":"key2021031214204312200_ref008","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1016\/j.cose.2012.09.010","article-title":"Future directions for behavioral information security research","volume":"32","year":"2013","journal-title":"Computers and Security"},{"issue":"1","key":"key2021031214204312200_ref009","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1287\/isre.1070.0160","article-title":"User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach","volume":"20","year":"2009","journal-title":"Information Systems Research"},{"issue":"2","key":"key2021031214204312200_ref010","doi-asserted-by":"crossref","first-page":"109","DOI":"10.1016\/0092-6566(85)90023-6","article-title":"The general causality orientations scale: self-determination in personality","volume":"19","year":"1985","journal-title":"Journal of Research in Personality"},{"issue":"6","key":"key2021031214204312200_ref011","doi-asserted-by":"crossref","first-page":"1024","DOI":"10.1037\/0022-3514.53.6.1024","article-title":"The support of autonomy and the control of behavior","volume":"53","year":"1987","journal-title":"Journal of Personality and Social Psychology"},{"issue":"1","key":"key2021031214204312200_ref012","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1111\/j.1467-6494.1994.tb00797.x","article-title":"Facilitating internalization: the self\u2010determination theory perspective","volume":"62","year":"1994","journal-title":"Journal of Personality"},{"key":"key2021031214204312200_ref013","volume-title":"Principles of Information Systems Security: Text and Cases","year":"2007"},{"issue":"4","key":"key2021031214204312200_ref014","doi-asserted-by":"crossref","first-page":"345","DOI":"10.1057\/palgrave.ejis.3000629","article-title":"Resist, comply or workaround? An examination of different facets of user engagement with information systems","volume":"15","year":"2006","journal-title":"European Journal of Information Systems"},{"issue":"3","key":"key2021031214204312200_ref015","first-page":"39","article-title":"Evaluating structural equation models with unobservable variables and measurement error","volume":"18","year":"1981","journal-title":"Journal of Marketing Research"},{"key":"key2021031214204312200_ref016","volume-title":"Work Redesign","year":"1980"},{"issue":"2","key":"key2021031214204312200_ref017","first-page":"1","article-title":"Data-centric security: integrating data privacy and data security","volume":"53","year":"2009","journal-title":"IBM Journal of Research and Development"},{"issue":"2","key":"key2021031214204312200_ref018","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1057\/ejis.2009.6","article-title":"Protection motivation and deterrence: a framework for security policy compliance in organisations","volume":"18","year":"2009","journal-title":"European Journal of Information Systems"},{"issue":"2","key":"key2021031214204312200_ref019","first-page":"401","article-title":"Active on the job\u2014proactive in change: how autonomy at work contributes to employee support for organizational change","volume":"43","year":"2007","journal-title":"The Journal of Applied Behavioral Science"},{"issue":"2","key":"key2021031214204312200_ref020","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1016\/j.im.2011.12.005","article-title":"Applying an extended model of deterrence across cultures: an investigation of information systems misuse in the US and South Korea","volume":"49","year":"2012","journal-title":"Information and Management"},{"key":"key2021031214204312200_ref021","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1016\/j.pmcj.2016.06.007","article-title":"This is my device! Why should I follow your rules? Employees' compliance with BYOD security policy","volume":"32","year":"2016","journal-title":"Pervasive and Mobile Computing"},{"issue":"3","key":"key2021031214204312200_ref022","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1145\/3242734.3242739","article-title":"Rethinking the prevailing security paradigm: can user empowerment with traceabiltiy reduce the rate of security policy circumvention?","volume":"49","year":"2018","journal-title":"The DATABASE for Advances in Information Systems"},{"issue":"3","key":"key2021031214204312200_ref023","doi-asserted-by":"crossref","first-page":"549","DOI":"10.2307\/25750691","article-title":"Fear appeals and information security behaviors: an empirical study","volume":"34","year":"2010","journal-title":"MIS Quarterly"},{"issue":"12","key":"key2021031214204312200_ref024","doi-asserted-by":"crossref","first-page":"784","DOI":"10.17705\/1jais.00251","article-title":"The effect of extrinsic motivation and satisfaction in open source software development","volume":"11","year":"2010","journal-title":"Journal of the Association for Information Systems"},{"issue":"3","key":"key2021031214204312200_ref025","first-page":"257","article-title":"Inducing Intrinsic motivation to explore the enterprise system: the supermacy organizational levers","volume":"23","year":"2012","journal-title":"Journal of Management Information Systems"},{"issue":"3","key":"key2021031214204312200_ref026","doi-asserted-by":"crossref","first-page":"499","DOI":"10.5465\/amr.1981.4285795","article-title":"Task interdependence and the theory of job design","volume":"6","year":"1981","journal-title":"Academy of Management Review"},{"issue":"4","key":"key2021031214204312200_ref027","doi-asserted-by":"crossref","first-page":"986","DOI":"10.1108\/JKM-08-2016-0353","article-title":"The effect of compliance knowledge and compliance support systems on information security compliance behavior","volume":"21","year":"2017","journal-title":"Journal of Knowledge Management"},{"key":"key2021031214204312200_ref028","article-title":"Work coordination, workflow, and workarounds in a medical context","year":"2005"},{"issue":"7","key":"key2021031214204312200_ref029","first-page":"1","article-title":"Lateral collinearity and misleading results in variance-based SEM: an illustration and recommendations","volume":"13","year":"2012","journal-title":"Journal of the Association for Information Systems"},{"issue":"4","key":"key2021031214204312200_ref030","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/ijec.2014100101","article-title":"Using data labels to discover moderating effects in PLS-based structural equation modeling","volume":"10","year":"2014","journal-title":"International Journal of E-Collaboration"},{"key":"key2021031214204312200_ref031","unstructured":"Kock, N. (2015), \u201cWarpPLS 5.0 user manual\u201d, available at: http:\/\/cits.tamiu.edu\/WarpPLS\/UserManual_v_5_0.pdf\/ (accessed March 2018)."},{"issue":"6","key":"key2021031214204312200_ref032","doi-asserted-by":"crossref","first-page":"934","DOI":"10.1037\/0021-9010.89.6.934","article-title":"Effects of task autonomy on performance: an extended model considering motivational, informational, and structural mechanisms","volume":"89","year":"2004","journal-title":"Journal of Applied Psychology"},{"issue":"3","key":"key2021031214204312200_ref033","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/1325555.1325569","article-title":"Promoting personal responsibility for internet safety","volume":"51","year":"2008","journal-title":"Communications of the ACM"},{"issue":"2","key":"key2021031214204312200_ref034","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1016\/S0925-7535(97)00073-8","article-title":"Not working to rule: understanding procedural violations at work","volume":"28","year":"1998","journal-title":"Safety Science"},{"issue":"2","key":"key2021031214204312200_ref035","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1287\/isre.1120.0427","article-title":"Ensuring employees' IT compliance: carrot or stick?","volume":"24","year":"2013","journal-title":"Information Systems Research"},{"issue":"1","key":"key2021031214204312200_ref036","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1007\/s12927-012-0006-1","article-title":"Strategic value and drivers behind organizational adoption of enterprise DRM: the Korean case","volume":"4","year":"2012","journal-title":"Journal of Service Science Research"},{"key":"key2021031214204312200_ref037","volume-title":"From Digital Rights Management to Enterprise Rights and Policy Management: Challenges and Opportunities","year":"2007"},{"issue":"5","key":"key2021031214204312200_ref038","doi-asserted-by":"crossref","first-page":"673","DOI":"10.1016\/j.cose.2012.04.004","article-title":"Taxonomy of compliant information security behavior","volume":"31","year":"2012","journal-title":"Computer and Security"},{"key":"key2021031214204312200_ref039","first-page":"156b","article-title":"Employees' behavior towards IS security policy compliance","year":"2007"},{"issue":"6","key":"key2021031214204312200_ref040","doi-asserted-by":"crossref","first-page":"835","DOI":"10.1037\/0021-9010.83.6.835","article-title":"Enhancing role breadth self-efficacy: the roles of job enrichment and other organizational interventions","volume":"83","year":"1998","journal-title":"Journal of Applied Psychology"},{"issue":"3","key":"key2021031214204312200_ref041","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1007\/s11031-009-9137-1","article-title":"Reactance, autonomy, and path to persuation: examining perceptions of threats to freedom and informational value","volume":"33","year":"2009","journal-title":"Motivation and Emotion"},{"issue":"1","key":"key2021031214204312200_ref042","doi-asserted-by":"crossref","first-page":"115","DOI":"10.2307\/25148720","article-title":"Understanding and predicting electronic commerce adoption: an extension of the theory of planned behavior","volume":"30","year":"2006","journal-title":"MIS Quarterly"},{"issue":"6","key":"key2021031214204312200_ref043","doi-asserted-by":"crossref","first-page":"467","DOI":"10.1016\/j.jom.2012.06.002","article-title":"Using partial least squares in operations management research: a practical guideline and summary of past research","volume":"30","year":"2012","journal-title":"Journal of Operations Management"},{"issue":"4","key":"key2021031214204312200_ref044","doi-asserted-by":"crossref","first-page":"326","DOI":"10.1108\/ICS-10-2014-0067","article-title":"Stress-based security compliance model\u2013an exploratory study","volume":"24","year":"2016","journal-title":"Information and Computer Security"},{"issue":"3","key":"key2021031214204312200_ref045","doi-asserted-by":"crossref","first-page":"596","DOI":"10.1037\/0022-3514.52.3.596","article-title":"Effects of components of protection-motivation theory on adaptive and maladaptive coping with a health threat","volume":"52","year":"1987","journal-title":"Journal of Personality and Social Psychology"},{"issue":"1","key":"key2021031214204312200_ref046","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1080\/00223980.1975.9915803","article-title":"A protection motivation theory of fear appeals and attitude change1","volume":"91","year":"1975","journal-title":"Journal of Psychology"},{"key":"key2021031214204312200_ref047","volume-title":"Essentials of Behavioral Research: Methods and Data Analysis","year":"1991"},{"key":"key2021031214204312200_ref048","volume-title":"Intrinsic Motivation and Self-Determination in Human Behavior","year":"1985"},{"issue":"1","key":"key2021031214204312200_ref049","doi-asserted-by":"crossref","first-page":"68","DOI":"10.1037\/0003-066X.55.1.68","article-title":"Self-determination theory and facilitation of intrinsic motivation, social development, and well-being","volume":"55","year":"2000","journal-title":"American Psychologist"},{"key":"key2021031214204312200_ref050","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1016\/S0065-2601(08)60358-5","article-title":"Normative influences on altruism","volume":"10","year":"1977","journal-title":"Advances in Experimental Social Psychology"},{"key":"key2021031214204312200_ref051","doi-asserted-by":"crossref","first-page":"199","DOI":"10.1016\/j.chb.2015.01.046","article-title":"Online safety begins with you and me: convincing Internet users to protect themselves","volume":"48","year":"2015","journal-title":"Computers in Human Behavior"},{"issue":"3","key":"key2021031214204312200_ref052","doi-asserted-by":"crossref","first-page":"487","DOI":"10.2307\/25750688","article-title":"Neutralization: new insights into the problem of employee systems security policy violations","volume":"34","year":"2010","journal-title":"MIS Quarterly"},{"issue":"2","key":"key2021031214204312200_ref053","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1016\/j.im.2013.08.006","article-title":"Employees' adherence to information security policies: an exploratory field study","volume":"51","year":"2014","journal-title":"Information and Management"},{"issue":"7","key":"key2021031214204312200_ref054","doi-asserted-by":"crossref","first-page":"296","DOI":"10.1016\/j.im.2011.07.002","article-title":"Out of fear or desire? Toward a better understanding of employees' motivation to follow IS security policies","volume":"48","year":"2011","journal-title":"Information and Management"},{"issue":"2","key":"key2021031214204312200_ref055","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1111\/j.1468-2389.2012.00589.x","article-title":"Personal values, autonomy, and self\u2010efficacy: evidence from frontline service employees","volume":"20","year":"2012","journal-title":"International Journal of Selection and Assessment"},{"issue":"5","key":"key2021031214204312200_ref056","doi-asserted-by":"crossref","first-page":"1442","DOI":"10.2307\/256865","article-title":"Psychological empowedrment in the workplace - dimensions, measurement, and validation","volume":"38","year":"1995","journal-title":"Academy of Management Journal"},{"issue":"1","key":"key2021031214204312200_ref057","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1016\/j.csda.2004.03.005","article-title":"PLS path modeling","volume":"48","year":"2005","journal-title":"Computational Statistics and Data Analysis"},{"issue":"6","key":"key2021031214204312200_ref058","doi-asserted-by":"crossref","first-page":"1143","DOI":"10.5465\/amj.2005.19573114","article-title":"Can businesses effectively regulate employee conduct? The antecedents of rule following in work settings","volume":"48","year":"2005","journal-title":"Academy of Management Journal"},{"issue":"1","key":"key2021031214204312200_ref059","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1197\/jamia.M2378","article-title":"Technology implementation and workarounds in the nursing home","volume":"15","year":"2008","journal-title":"Journal of the American Medical Informatics Association"},{"issue":"4","key":"key2021031214204312200_ref060","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1080\/15536548.2013.10845690","article-title":"Control-related motivations and information security policy compliance: the role of autonomy and efficacy","volume":"9","year":"2013","journal-title":"Journal of Information Privacy and Security"},{"issue":"3","key":"key2021031214204312200_ref061","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1177\/0092070302303003","article-title":"The effects of job autonomy, customer demandingness, and trait competitiveness on salesperson learning, self-efficacy, and performance","volume":"30","year":"2002","journal-title":"Journal of the Academy of Marketing Science"},{"issue":"2","key":"key2021031214204312200_ref062","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1057\/ejis.2009.12","article-title":"Behavioral and policy issues in information systems security: the insider threat","volume":"18","year":"2009","journal-title":"European Journal of Information Systems"},{"issue":"3","key":"key2021031214204312200_ref063","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1057\/ejis.2010.72","article-title":"The influence of the informal social learning environment on information privacy policy compliance efficacy and intention","volume":"20","year":"2011","journal-title":"European Journal of Information Systems"},{"issue":"4","key":"key2021031214204312200_ref064","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1145\/1330311.1330320","article-title":"The psychology of security","volume":"51","year":"2008","journal-title":"Communications of the ACM"},{"issue":"1","key":"key2021031214204312200_ref065","doi-asserted-by":"crossref","first-page":"177","DOI":"10.2307\/20650284","article-title":"Using PLS path modeling for assessing hierarchical construct models: guidelines and empirical illustration","volume":"33","year":"2009","journal-title":"MIS Quarterly"},{"issue":"2","key":"key2021031214204312200_ref066","first-page":"799","article-title":"Security lapses and the omission of information security measures: a threat control model and empirical test","volume":"24","year":"2008","journal-title":"Computers in Human Behavior"},{"issue":"4","key":"key2021031214204312200_ref067","doi-asserted-by":"crossref","first-page":"401","DOI":"10.1108\/ITP-12-2012-0147","article-title":"Understanding computer security behavioral intention in the workplace: an empirical study of Korean firms","volume":"26","year":"2013","journal-title":"Information Technology and People"},{"issue":"2","key":"key2021031214204312200_ref068","doi-asserted-by":"crossref","first-page":"261","DOI":"10.1037\/0021-9010.83.2.261","article-title":"Feedback valence, feedback style, task autonomy, and achievement orientation: interactive effects on creative performance","volume":"83","year":"1998","journal-title":"Journal of Applied Psychology"}],"container-title":["Information Technology &amp; People"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ITP-05-2018-0256\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ITP-05-2018-0256\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T21:54:49Z","timestamp":1753394089000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/itp\/article\/34\/2\/599-616\/187056"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,5,12]]},"references-count":69,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2020,5,12]]}},"alternative-id":["10.1108\/ITP-05-2018-0256"],"URL":"https:\/\/doi.org\/10.1108\/itp-05-2018-0256","relation":{},"ISSN":["0959-3845"],"issn-type":[{"value":"0959-3845","type":"print"}],"subject":[],"published":{"date-parts":[[2020,5,12]]}}}