Compliance With Is-Security-Policies: A Socio-Material Perspective Towards Security

In the face of ever-growing IS-security breaches and their substantial impacts on organizations and societies, the necessity of enhancing organizational IS-security becomes paramount. Meanwhile, the employees' compliance with organizational IS-security policies (ISSP) is known to be critical for ensuring security. However, the extant knowledge about ISSP-compliance has remained scattered and inconclusive, and the social aspects of compliance are mostly underexplored despite their importance and impact. Moreover, there is a need for more studies that bridge the gap between the design side and the behavioral sides of IS-security; such a gap has created both conceptual and practical shortfalls within the literature. In this paper, we address these gaps by first introducing an enhanced unified framework of ISSP-compliance and, second, by theorizing a model where we propose that transparency of use enacts four distinct social practices, which, in turn, increase the employees' compliance with ISSP. Future avenues of research are also suggested.