Abstract
To protect consumer information, many countries have begun enforcing the Personal Data Protection Act. Organizations are required to comply with this Act, failure of which may result in hefty penalties. To ensure compliance, some organizations have introduced their own information security policy to protect consumer information. A review of the literature shows that many employees are either unaware of the policy or tend to ignore it, which increases the risk of non-compliance. To help organizations manage compliance among their employees, in this study, we used demographic factors to develop profiles of employees’ policy awareness and their intention to comply. By having an understanding of employee profiles, effective and targeted strategies can be devised to educate employees accordingly. Our data from 607 respondents show that age, working industry and education levels have significant effects on information security policy awareness and compliance.
| Original language | English |
|---|---|
| Pages (from-to) | 1770-1780 |
| Number of pages | 11 |
| Journal | Telematics and Informatics |
| Volume | 35 |
| Issue number | 6 |
| DOIs | |
| Publication status | Published - Sept 2018 |
| Externally published | Yes |
Keywords
- Demographic characteristics
- Information privacy and security
- Personal data protection
- Policy awareness
- Policy compliance
ASJC Scopus subject areas
- Computer Networks and Communications
- Electrical and Electronic Engineering