Factors Influencing The Successful Implementation Of Enterprise Information Security Policy

Information has been an important asset of corporations, and more and more corporations begin to pay more attention to information security. In order to assure information security, many corporations have established information security policy. However, there is few employee to comply with information security policy at work, so these policies don't become effective usually. In the field of information security, information security policy has become a hot research topic, however, there is few research paying attention to information security policy enforcement. Under this condition, this article tries to do some research on information security policy enforcement.Successful information security policy enforcement is the objective of investigation in this study, and there are three kinds of affecting factors, which are policy factors, social contextual factors, and employee factor. In this study, information security policy enforcement is measured by information security compliant behavior and information security participant behavior. Policy factors include two variables, which are policy's understandability and policy's practicality. Social contextual factors include three variables, which are management practices, supervisory practices and coworker's information security behavior. Employee factor is information security self-efficacy, which is developed by this study.Data is collected from a sample of 114 employees using questionnaire and analyzed using SPSS 12.0. This study uses several methods to analyze data, such as reliability analysis, factor analysis,-multiple linear regression analysis, and so on. .There are some findings in this study. Policy's practicality, management practices, supervisory practices, coworker's information security behavior and information security self-efficacy are found to be positively related to information security compliant behavior. Policy's understandability, management practices, supervisory practices, coworker's information security behavior and information security self-efficacy have positive impacts on information security participant behavior.At last, this article illuminates theoretical and practical implications. At the same time, this article points out the shortage of this study at the end, to which future study needs to pay attention.