A novel method to enhance ISSP compliant: An approach drawing upon the concept of empowerment in ERM system workflow

Abstract

Nowadays, enterprises employ information security system to protect organizational assets, then enforce employee to follow system workflow (i.e., information security policies). Although companies control employee by predefined workflow, employees tend to circumvent the workflow when the workflow is impeded and being inflexibility. Thus, the goal of this study is to delineate the new concept of system workflow, which is the method of increasing system workflow flexibility. We propose the notion of empowered system workflow through in the specific context of the enterprise digital rights management system (ERM). The ERM as an example of an information security system plays a role in persistently protecting information assets. This study examined the differences between the proposed notion of ERM system and the conventional ERM system through three aspects (psychological ownership, perceived benefit, and awareness of audit). The results of this study are expected to shed light on new approach to compliance behavior.