{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T12:03:57Z","timestamp":1747224237023,"version":"3.40.5"},"reference-count":0,"publisher":"IGI Global","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,4,1]]},"abstract":"<p>This study develops a model, based on the controls present in ISO\/IEC 27002 framework, to integrate the role of technical and administrative security controls. The model provides better understanding of how security policy can influence security compliance and the pathway through which this effect is generated. Data were collected from 223 IT security and management professionals. Using Partial Least Square Structural Equation Modelling (PLS-SEM) and testing hypotheses, the study finds that information security policy has significant indirect influence on information security compliance. The effect of security policy is fully mediated by security roles and responsibilities, operations security activities, and security monitoring and review activities. Security policy strongly influences operations security activities and has the greatest effect on security roles and responsibilities. Among the three mediating variables, monitoring and reviews has the most significant influence on security compliance. Conversely, the impact of security policy on compliance is not significant.<\/p>","DOI":"10.4018\/jitr.2016040101","type":"journal-article","created":{"date-parts":[[2016,7,19]],"date-time":"2016-07-19T11:46:01Z","timestamp":1468928761000},"page":"1-16","source":"Crossref","is-referenced-by-count":4,"title":["Towards Modelling the Impact of Security Policy on Compliance"],"prefix":"10.4018","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7756-1832","authenticated-orcid":true,"given":"Winfred","family":"Yaokumah","sequence":"first","affiliation":[{"name":"Department of Information Technology, Pentecost University College, Accra, Ghana"}]},{"given":"Steven","family":"Brown","sequence":"additional","affiliation":[{"name":"School of Business and Technology, Capella University, Minneapolis, MN, USA"}]},{"given":"Alex Ansah","family":"Dawson","sequence":"additional","affiliation":[{"name":"School of Technology, Ghana Institute of Management and Public Administration, Accra, Ghana"}]}],"member":"2432","container-title":["Journal of Information Technology Research"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=160154","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T03:58:50Z","timestamp":1654142330000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/JITR.2016040101"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2016,4,1]]},"references-count":0,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2016,4]]}},"URL":"https:\/\/doi.org\/10.4018\/jitr.2016040101","relation":{},"ISSN":["1938-7857","1938-7865"],"issn-type":[{"type":"print","value":"1938-7857"},{"type":"electronic","value":"1938-7865"}],"subject":[],"published":{"date-parts":[[2016,4,1]]}}}