Systematic Literature Review of Information Security Compliance Behaviour Theories

Puspadevi Kuppusamy, Ganthan Narayana Samy, Nurazean Maarop, Pritheega Magalingam, Norshaliza Kamaruddin, Bharanidharan Shanmugam, Sundresan Perumal

    Research output: Contribution to journalArticlepeer-review

    55 Downloads (Pure)


    The paper aims to identify behavioural theories that influence information security policies compliance behaviour. A systematic review of empirical studies from eleven online databases (ACM digital library, Emerald Insight, IEEE Xplore digital library, Springer link, Science direct, Scopus, Web of Science, Oxford academic journals, SAGE journals, Taylor & Francis and Wiley online library) are conducted. This review identified 29 studies met its criterion for inclusion. The investigated theories were extracted and analysed. Total of 19 theories have been identified and studied concerning to security policy compliance behaviour. The result indicated that the most established theories in information security compliance behaviour studies are the Theory of Planned Behavior and Protection Motivation theory. Meanwhile, General Deterrence Theory, Neutralization theory, Social Bond Theory / Social Control Theory are used moderately in this research area. Less explored theories are namely Self Determination Theory, Knowledge, Attitude, and Behavior, Social Cognitive Theory, Involvement Theory, Health belief model, Theory of Interpersonal Behavior, Extended Parallel Processing Model, Organisational Control Theory, Psychological Reactance Theory, Norm Activation Theory, Organizational Behaviour Theory, Cognitive Evaluation Theory and Extended Job Demands-Resources. The results from this review may guide the development and evaluation of theories promoting information security compliance behaviours. This will further contribute in the development of an integrated theory of information security compliance behaviour.

    Original languageEnglish
    Article number012005
    Pages (from-to)1-14
    Number of pages14
    JournalJournal of Physics: Conference Series
    Issue number1
    Publication statusPublished - 26 Jun 2020
    Event2nd International Conference on Recent Advancements in Science and Technology, ICoRAST 2019 - Putrajaya, Malaysia
    Duration: 28 Oct 201930 Oct 2019


    Dive into the research topics of 'Systematic Literature Review of Information Security Compliance Behaviour Theories'. Together they form a unique fingerprint.

    Cite this