Religiosity and Information Security Policy Compliance

Abstract

Information security is a top concern of managers, often addressed with technical, behavioral and procedural solutions. Information Security Policies (ISPs) are among these solutions. ISPs require organizational members to conform to security measures but individuals often fail to comply with them. While prior studies investigated several factors leading to compliance, the effect of religiosity on intention to comply with ISP (ICISP) has been overlooked. This research, therefore, studies the role of religiosity and conservation value in addition to existing factors. The proposed model is tested with students in universities in Ethiopia and USA to obtain a wide array of religious beliefs. The findings show subjective norm and religiosity indirectly but positively affects ICISP via attitude. They also show direct positive effect of religiosity on ICISP. Contrary to prior studies, conservative-value affects ICISP positively; and, when moderated by religiosity, the relationship becomes stronger. Consistent with prior studies, self-efficacy positively affects ICISP.