Exploring the Effects of Sanctions and Power Distance on Information Security Policy Compliance in a High-Power Distance Society

Abstract

Research in information security requires investigating many influential factors, sometimes in combinations, to evaluate their effectiveness in combating policy compliance issues.  Organizations often use sanctions to mitigate security violations; some research findings point to the efficacy of sanctions, and some find them encouraging information security breaches. Still, this research was to study the effect of sanctions in a high-power distance society where people traditionally respect rules.  The following theories, General Deterrence Theory, Self-Efficacy Theory, Theory of Reasoned Action, and Theory of Planned Behavior, were involved in developing the model for this study.  The number of completed questionnaires used for the study was 129.  Structural equation modeling-based analysis performed on the collected data generated the following results: benefits of compliance, power distance, and self-efficacy were significant and impacting.  Sanctions were not significant.  Information security policy awareness and training programs should emphasize the variables that have positive impacts and de-emphasize sanctions

Keywords:  Information security compliance, Benefits of compliance, Self-efficacy, Power distance, Sanctions