Skip to Main Content
Article navigation
Volume 33, Issue 1
20 January 2025
Information and Computer Security Cover Image for Volume 33, Issue 1
Research Article| April 30 2024

Information security policy effectiveness: a managerial perspective of the financial industry in Vietnam Available to Purchase

Thai Pham;
Thai Pham
Faculty of Business, Economics and Law,
Auckland University of Technology
, Auckland,
New Zealand

Thai Pham graduated with a master’s degree in Business Information Systems, at Auckland University of Technology. Thai is currently working as a Regional Data and Modeling Manager in Collectius Group, Singapore. He is interested in management and leadership’ effects on information technology and security. He has a proceeding published and presented at The Australasian Conference on Information Systems.

Search for other works by this author on:
This Site
PubMed
Google Scholar
Farkhondeh Hassandoust
Farkhondeh Hassandoust
Department of Information Systems and Operation Management,
University of Auckland
, Auckland,
New Zealand

Farkhondeh Hassandoust is a Senior Lecturer in Business Information Systems, at the University of Auckland. Farkhondeh’s research interests include information security and privacy. Her works have been published in Information Systems Journal, Information and Management journal, Journal of the American Medical Informatics Association, Behaviour and IT journal and IS Frontiers, among others. She has also presented her works in international conferences such as Internal Conference on Information Systems, European Conference on Information Systems and Pacific Asia Conference on Information Systems. Her research has been supported by grants from Auckland University of Technology Vice-Chancellor’s Scholarship, Internet New Zealand and Government Health Delivery Research Activation Grant.

Farkhondeh Hassandoust is the corresponding author and can be contacted at: farkhondeh.hassandoust@auckland.ac.nz
Search for other works by this author on:
This Site
PubMed
Google Scholar
Author & Article Information
Farkhondeh Hassandoust is the corresponding author and can be contacted at: farkhondeh.hassandoust@auckland.ac.nz
Publisher: Emerald Publishing
Received: September 25 2023
Revision Received: January 07 2024
Revision Received: March 23 2024
Accepted: March 29 2024
Online ISSN: 2056-497X
Print ISSN: 2056-4961
© Emerald Publishing Limited
2024
Emerald Publishing Limited
Licensed re-use rights only
Information and Computer Security (2025) 33 (1): 77–95.
https://doi.org/10.1108/ICS-09-2023-0165
Article history
Received:
September 25 2023
Revision Received:
January 07 2024
Revision Received:
March 23 2024
Accepted:
March 29 2024
Purpose

Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec policy has been highlighted for many decades, InfoSec breaches still occur due to a low level of employee compliance and a lack of engagement and competence in high-level management. However, previous studies have primarily investigated the behavioural aspects of InfoSec policy compliance at the individual level rather than the managerial factors involved in constructing InfoSec policy and developing its effectiveness. Thus, drawing on neo-institutional theory and a transformational leadership framework, this research investigated the influence of external mechanisms and transformational leadership on InfoSec policy effectiveness.

Design/methodology/approach

The research model was implemented using field survey data from professional managers in the financial sector.

Findings

The results reported that neo-institutional mechanisms and transformational leadership shape InfoSec policy effectiveness in an organisation.

Originality/value

This study broadens current InfoSec policy research from an individual level to a managerial perspective and enhances the existing literature on neo-institutional and transformational leadership in the context of InfoSec. It highlights the need to evaluate InfoSec policy based on external factors and to support transformational leadership styles that promote InfoSec policy enforcement and effectiveness.

Keywords:
InfoSec policy, InfoSec policy effectiveness, InfoSec policy enforcement, Neo-institutional theory, Transformational leadership
© Emerald Publishing Limited
2024
Emerald Publishing Limited
Licensed re-use rights only
You do not currently have access to this content.
Don't already have an account? Register

Purchased this content as a guest? Enter your email address to restore access.

Please enter valid email address.
Email address must be 94 characters or fewer.
Pay-Per-View Access
$41.00
Rental
This article is also available for rental through DeepDyve. Read this now at DeepDyve
707 Views
1 Crossref
View Metrics
Leadership styles and information security policy compliance intentions: the mediating role of psychological empowerment
Cognitive dissonance in cybersecurity – a review and research agenda
Users’ activity logs: the good, the bad, the misconception and the disastrous
Guest editorial: HAISA 2024 special issue

Suggested Reading

Institutions and Organizations (2nd ed.)
Leadership & Organization Development Journal (December,2003)
Fostering human development: do institutional environment quality and overall UN-SDGs attainment matter?
Sustainability Accounting, Management and Policy Journal (October,2025)
Coercive, normative, and mimetic isomorphisms as drivers of corporate tax disclosure: The case of the tax reconciliation
Journal of Applied Accounting Research (January,2020)
Multinational enterprises, local firms, and employee human rights violation in the workplace: Evidence from Mexico
Multinational Business Review (September,2018)
The determinants of family business owners’ intrafamily succession intention: An interplay between business owners and institutional environment
Chinese Management Studies (November,2016)

Related Chapters

Three Waves of American Prison Development, 1790–1920
Punishment and Incarceration: A Global Perspective
A Progressive Web3: From Social Coproduction to Digital Polycentric Governance
Defining Web3: A Guide to the New Cultural Economy
Regimes of Teacher Beliefs from a Comparative and International Perspective
Promoting and Sustaining a Quality Teacher Workforce

Recommended for you

These recommendations are informed by your reading behaviors and indicated interests.

Cited By

Google Scholar
CrossRef (1)
This Feature Is Available To Subscribers Only

or Create an Account

Close Modal
Close Modal

Gift article access

As a benefit of your subscription, you can share temporary access to restricted articles.

Each link will stop working after 30 days or 10 uses. You may create up to 10 links in a 30 day period.

Please sign in to your personal account to gift article access.

Register

Gift article access

As a benefit of your subscription, you can share temporary access to restricted articles.

Each link will stop working after 30 days or 10 uses. You may create up to 10 links in a 30 day period.

Gift articles remaining: --

Gift article access

Each link will stop working after 30 days or 10 uses. You may create up to 10 links in a 30 day period.

Gift articles remaining: --

Gift article access

As a benefit of your subscription, you can share temporary access to restricted articles.

Each link will stop working after 30 days or 10 uses.

You have reached the limit of 10 links within a 30 day period.

Sharing Unavailable

Sharing content requires targeting cookies to be enabled. Please update your cookie preferences to use this feature.