Total views : 72

Demographic Profile and Intention to Comply with Security Policy in Financial Institutions in Malaysia


  • Universiti Teknologi MARA, Shah Alam, Selangor, Malaysia


Objectives: The aim of this research is to assess demographic profiles in security compliance intention on financial institutions in Malaysia. Methods/Statistical Analysis: Based on the correlation, the research attempts to identify areas that should be focused to improve employees’ intention to comply with policies in financial institutions. The research uses quantitative approach, and administrates survey to one hundred respondents of a selected financial institution in Malaysia.Findings: The result shows there is no significant relationship in demographic profiles and security compliance intention in financial institution. Application/Improvements: In considering, financial institutions should emphasize their focus on policy making, employees training, and awareness program to improve the security policy compliance intention within the institutions


Demographics Profile, Information Security Policy, Security Compliance, User Behaviour.

Full Text:

 |  (PDF views: 78)


  • Chen Y, Ramamurthy KK, Wen K. Organizations’ information security policy compliance: Stick or carrot approach?Journal of Management Information Systems. 2012; 29(3):157–88.
  • Lebek B, Uffen J, Breitner MH, Hohler B. Employees' information security awareness and behavior: A literature review. Proceedings of HICSS'13; 2013. p. 2978–87.
  • Schneier B. Beyond fear – thinking sensibly about security in an uncertain world. Copernicus Books; 2003
  • Johnston AC, Warkentin M. Fear appeals and information security behaviors: An empirical study. MIS Quarterly.2010; 34(3):549–66.
  • Stanton JM, Julian AI. The impact of social cues about an EPM system on performance quality and quantity.Computers in Human Behavior. 2002; 18(1):85–101.
  • Stanton JM, Weiss EM. Electronic monitoring in their own words: An exploratory study of employees’ experiences with new types of surveillance. Computers in Human Behavior.2000; 16(4):423–40.
  • Karin H, Petrus EJH. Information security procedure What do international information security standards says?International Journal of Computers and Security. 2002; 21(5):402–9.
  • International Organization for Standardization. ISO/ IEC 27001:2005 Information Technology – Security Techniques – Information Security Management Systems – Requirements; 2005.
  • Von Solms R, Von Solms B. The 10 deadly sins of information security management. International Journal on Computers and Security. 2004; 23:371–6.
  • Von Solms R, Von Solms B. From policies to culture.International Journal on Computers and Security. 2004; 24(3):275–9.
  • Debi A. Information security management: A human challenge. International Journal of Information Security Technical Report. 2008; 13(4):195–201.
  • Lim JS, Chang S, Maynard S, Ahmad A. Exploring the relationship between organizational culture and information security culture. Proceedings of Australian Information Security Management Conference; 2009. p. 12.
  • Koskosas I, Kakoulidis K, Siomos C. Information security: Corporate culture and organizational commitment.International Journal of Humanities and Social Science.2011; 1(3).
  • Chan M, Woon I, Kankanhalli A. Perceptions of information security at the workplace: Linking information security climate to compliant behavior. Journal of Information Privacy and Security. 2005; 1(3).
  • Pahnila S, Siponen M, Mahmood A. Employees’ behavior towards is security policy compliance. Proceedings of HICSS’07; 2007.
  • Greene G, D’Arcy J. Assessing the impact of security culture and the employee-organization relationship on IS security compliance. Proceedings of Proc ASIA’10; 2010.
  • Burcu B, Hasan C, Izak B. Information Security procedure Compliance: An empirical study of rationality-based beliefs and information security awareness. International Journal of MIS Quarterly. 2010; 34(3):523–48.
  • Zoran C, Marija B. Information security management – defining approaches to information security policies in ISMS. Proceedings of SISY’10; 2010. p. 83–5.
  • Mete E, Erdem U, Şaban E. The positive outcomes of information security awareness training in companies - A case study. Information Security Technical Report. 2009; 14(4):223–9.
  • Tipton HF, Krause M. Information security management handbook. Auerbach Publications; 2007.
  • Scholtz T, Byrnes FC, Heiser J. Best practices and common problems for information security programs, Gartner; 2006.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.