The impact of an employee's psychological contract breach on compliance with information security policies: intrinsic and extrinsic motivation.

Despite the rapid rise in social engineering attacks, not all employees are as compliant with information security policies (ISPs) to the extent that organisations expect them to be. ISP non-compliance is caused by a variety of psychological motivation. This study investigates the effect of psychological contract breach (PCB) of employees on ISP compliance intention by dividing them into intrinsic and extrinsic motivation using the theory of planned behaviour and the general deterrence theory. Data analysis from UK employees (n = 206) showed that the higher the PCB, the lower the ISP compliance intentions. The study also found that PCBs significantly reduced intrinsic motivation (attitude and perceived fairness) for ISP compliance intentions, whereas PCBs did not moderate the relationship between extrinsic motivation (sanction severity and sanctions certainty) and ISP compliance intentions. As a result, this study successfully addresses the risks of PCBs in the field of Information System (IS) security and proposes effective solutions for employees with high PCBs. [ABSTRACT FROM AUTHOR]