Exploring the Drivers of Information Security Policy Compliance Among Contingent Employees: A Social, Deterrent, and Involvement-Based Approach

TL;DR

This study investigates how social norms, deterrence, and involvement influence contingent employees' attitudes and intentions to comply with information security policies, highlighting the importance of collaborative and supportive environments.

Contribution

It introduces an integrated model combining social, deterrent, and involvement factors to explain ISSP compliance among contingent employees, supported by empirical data from Ghanaian universities.

Findings

All factors significantly influence attitudes toward ISSPs.

Knowledge sharing has the strongest effect on attitudes.

Attitudes strongly predict compliance intentions.

Abstract

As institutions increasingly depend on Information Systems (ISs), ensuring compliance with Information Systems Security Policies (ISSPs) is critical, especially among contingent employees, whose engagement differs from that of permanent staff. This study examines how Subjective Norm, Deterrence (certainty of detection and severity of punishment), and involvement mechanisms (knowledge sharing and collaboration) influence contingent employees Attitudes Toward ISSPs and, ultimately, their Compliance Intentions. Drawing on data from Ghanaian universities and analyzed using PLS-SEM, the findings confirm that all proposed factors significantly shape attitudes, with knowledge sharing having the strongest effect. Attitude toward ISSPs also strongly predicts compliance intentions. The results support integrating social, cognitive, and collaborative factors into existing ISSP compliance models. Practical implications emphasize fostering inclusive and supportive environments alongside enforcement. This study advances theory and provides a foundation for future research into ISSP behavior among temporary academic staff.