Measuring employees’ compliance – the importance of value pluralism
Abstract
Purpose
This paper aims to investigate two different types of compliance measures: the first measure is a value-monistic compliance measure, whereas the second is a value-pluralistic measure, which introduces the idea of competing organisational imperatives.
Design/methodology/approach
A survey was developed using two sets of items to measure compliance. The survey was sent to 600 white-collar workers and analysed through ordinary least squares.
Findings
The results suggest that when using the value-monistic measure, employees’ compliance was a function of employees’ intentions to comply, their self-efficacy and awareness of information security policies. In addition, compliance was not related to the occurrence of conflicts between information security and other organisational imperatives. However, when the dependent variable was changed to a value-pluralistic measure, the results suggest that employees’ compliance was, to a great extent, a function of the occurrence of conflicts between information security and other organisational imperatives, indirect conflicts with other organisational values.
Research limitations/implications
The results are based on small survey; yet, the findings are interesting and justify further investigation. The results suggest that relevant organisational imperatives and value systems, along with information security values, should be included in measures for employees’ compliance with information security policies.
Practical implications
Practitioners and researchers should be aware that there is a difference in measuring employees’ compliance using value monistic and value pluralism measurements.
Originality/value
Few studies exist that critically compare the two different compliance measures for the same population.
Keywords
Acknowledgements
This research has been funded by the Swedish Civil Contingencies Agency.
Citation
Karlsson, F., Karlsson, M. and Åström, J. (2017), "Measuring employees’ compliance – the importance of value pluralism", Information and Computer Security, Vol. 25 No. 3, pp. 279-299. https://doi.org/10.1108/ICS-11-2016-0084
Publisher
:Emerald Publishing Limited
Copyright © 2017, Emerald Publishing Limited