Skip to main content
Article
A Cross Industry Study: Differences in Information Security Policy Compliance between the Banking Industry and Higher Education
ICIS 2013 Proceedings
  • Hwee-Joo Kam, Ferris State University, Big Rapids, MI, United States.
  • Pairin Katerattanakul, Western Michigan University, Kalamazoo, MI, United States.
  • Greg Gogolin, Ferris State University, Big Rapids, MI, United States.
Start Date
12-17-2013
Description

This study adopts Neo-Institutional Theory (NIT) to address the underlying differences in information security policy compliance between the banking industry and higher education. Drawing on NIT, this study examines how regulative, normative, and cognitive expectations effect internal organizational efforts of staying compliant across both industries. Using Partial Least Square (PLS) method, the analysis results suggest that both industries rely on the interrelations between regulative and normative expectations to propel the organizational efforts of attaining compliance. However, the main difference lies within cognitive expectation. In the institution of higher education, cognitive expectation influences regulative expectation that subsequently drives information security policies compliance. On the other hand, cognitive expectation reflects on the regulatory pressure in the banking industry. Given these findings, this study provides suggestions to policy makers for promoting information security policy compliance across industries.

Citation Information
Hwee-Joo Kam, Pairin Katerattanakul and Greg Gogolin. "A Cross Industry Study: Differences in Information Security Policy Compliance between the Banking Industry and Higher Education" (2013)
Available at: http://works.bepress.com/hweejoo/12/