Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Measuring compliance with specific policy contents

The SRPC- and SrPCC-scales for a more detailed measurement of positive policy compliance
: Kurowski, Sebastian

Volltext (PDF; )

Bednar, P.M. ; Association for Information Systems -AIS-:
26th European Conference on Information Systems, ECIS 2018. Proceedings. Online resource : Beyond Digitization - Facets of Socio-Technical Change; Portsmouth, UK, June 23-28, 2018
Portsmouth, 2018
ISBN: 978-1-86137-667-1
Paper 54, 11 S.
European Conference on Information Systems (ECIS) <26, 2018, Portsmouth>
Konferenzbeitrag, Elektronische Publikation
Fraunhofer IAO ()

Research on information security policy compliance provides insights on the factors that facilitate security related human behaviour. Since humans provide the end of every technological use chain, this research provides an important building block of every organizational security architecture. Research on this topic can be divided into research on policy compliant behaviour (positive policy compliance) and research on policy deviant behaviour (negative policy compliance). However, a previous meta-study that was the first to test available measurement instruments of positive policy compliance for response biases remained inconclusive on the truthfulness of self-reported policy compliance. This contribution provides a new measurement instrument that builds upon the scenario-based questioning approach found in most negative policy compliance research, while enabling scenario-independent measurement of positive policy compliance and provided response consistency. The instrument was validated by conducting a pre-test (n = 8) in a research department and yields a promising internal validity with Cronbach alphas of .911 for the policy compliance instrument and .961 for the policy knowledge consistency instrument. The instrument is being applied in a larger survey that aims at determining the reliability of measured policy compliance of the instruments currently used in positive policy compliance research.