This study examines the interplay of national culture, organizational norms, and institutional environment on user compliance with information security policy (ISP). Building on the Neo-Institutional Theory (NIT) and Cross-Cultural Framework, this study intends to (1) investigate the relationship among national culture, organizational norms, and institutional environment for ISP compliance at the individual level; and (2) present the similarities and differences of ISP compliance in a cross-national, cross-industry context. Particularly, this study intends to identify the differences on user’s compliance between the higher education and the banking industry in countries including the United States and South Korea. We believe that the stark contrast between both industries in relation to policy compliance coupled with the distinctive differences in national culture between both nations will draw significant findings to explain the interactive effects of national culture, industry’s institutional environment and organizational norms on user’s compliance.
Available at: http://works.bepress.com/hweejoo/18/