Determining factors determinants of bank employees’ reading habits of information security policies

William Allassani


This paper seeks to answer the question ‘What factors determine bank employee reading habits of security policies? Using the chi-square test, this research analyses the reading habits of bank staff to ascertain whether there is significant difference in their reading habits with regards to the following independent variable- gender, the section of bank the employee works (whether department or branch), number of years the staff has worked with the bank and the ownership status of the bank (public, private or foreign owned). In addition, logistic regression was employed to determine the predictors of these reading habits. This paper adopts a quantitative research methodology to study the information security reading habits of 136 Ghanaian bank staff from various banks and concludes that bank staffs working in departments are more likely to regularly read their banks policies than employees working in a branch. This paper also shows that there is statistical significant difference in reading habits with regards to the number of years an employee has worked with the bank. The paper finally shows that there is no statistical significant difference in security reading habits with regards to gender and ownership status of the bank. The logistic regression analysis also reveals that a respondent in a department is 4.4 times more likely to read the security policies relative to those in a branch. The analysis also concludes that , respondents who have worked for less than 5 years were less likely to read the policy relative to those who have worked more than 5 years (OR=.51)


Computer Security; Security Policies; User Attitudes

Full Text:



Abor, B (2001) Technological Innovations and Banking in Ghana: An Evaluation of Customers’ Perceptions. Retrieved 24 June, 2012.

Alu A.O, (2000) Effects of Information Technology on Customers Service in the Banking Industry in Nigeria. Information Technology Review. 3(1), 5-19.

Besnard, D., & Arief, B. (2004). Computer Security Impaired by legitimate users. Computers & Security, 23(3), 253-264.

Boon-Yun N, Kankanhalli A, Xu Y, C (2009) Studying Users Computer Security Behaviour: A health Belief Perspective Decision Supports Systems, 46, 815-825.

Checkly J, (1994) Electronic Banking Security: Banking System Security. Brain Welch (ed) P47. Basel Blackwell

Claburn, T. (2005, 2007). Spam cost billions. cle.jhtml?articleID=59300834. Retrieved 24 June, 2013

D'Arcy J, Hovav A, Galletta D. (2009) User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach. Information System Research, 20(1), 79-98.

Daily Telegraph (2012) UBS fined £30m over Kweku Adoboli fraud failures. Retrieved 24 June 2012

Dinev T , Qing Hu (2007) "The Centrality of Awareness in the Formation of User Behavioural Intention toward Protective Information Technologies," Journal of the Association for Information Systems, 8(7), Article 23.

Dinev T, GooJ, Hu Q, Nam K (2008) User behaviour towards protective information technologies: the role of national cultural differences. Information Systems Journal, 19(4) 391–412.

Goguen, J. A., & Meseguer, J. (1982, April). Security Policies and Security Models. In IEEE Symposium on Security and privacy (Vol. 12),5# Retrieved on 24 June 2013.

Hung S, Y, Chang C,M , Yu T,J (2006) Determinants of user acceptance of the e-Government services: The case of online tax filing and payment system. Government Information Quarterly, 23(1), 97–122.

Ibgaria M, Guimaraes T, Davis G, B (1995) Testing the determinants of Microcomputer Usage via a Structural Equation Model. Journal of Management Information Systems - Special section, 11(4), 87 – 114.

IMF (2007) Staff Country Report. Capital Markets P.25

Kankanhalli A, Teo H.H, Tan B.C.Y, Wei K.K (2003) An integrative study of information system security effectiveness, International Journal of Information Management 23

O’Leary T.J. Williams B.K, O’Leary L. (1989). McGraw Hill Microcomputing. Annual Edition McGraw Hill

Olson, I. M., & Abrams, M. D. (1995). Information security policy. Information Security–and Integrated Collection of Essays. Retrieved on 24 June 2013.

Park, C. H., & Kim, Y. G. (2003). Identifying key factors affecting consumer purchase behavior in an online shopping context. International Journal of Retail & Distribution Management, 31(1), 16-29.

Rosenstock I.M (1974) The health belief model and preventive behaviour. Health education monographs

Santon J.M, Mastrangelo P.R, Stam K.R, Jolton J (2004).Behavioral Information Security:Two end-user survey studies of innovation and security practice, Proceedings of the Tenth America’s Conference on Information Systems, New York.

Stanton J.M, Stama K,R, Mastrangelo P, Jolton J (2005) Analysis of end user security behaviours. Computers & Security, 24(2), 124–133.

Timms, S., Porter C, Bead A (2004) Information System Security breaches Survey. UK Department of Trade and Industry Survey Report.

Vijayan J (2005) Targeting the enemy within. Computer World, 39(32), 23-26.

Yeniseya M.M, Ozokb A.A, Salvendycd (2005) Security Determinants in e-commerce among Turkish university students . Behaviour & Information Technology, 24(4), 259-274.

Yi-Shun Wang, Yu-Min Wang, Hsin-Hui Lin, Tzung-I Tang, (2003) Determinants of user acceptance of Internet banking: an empirical study, Emerald 14.


Licensed under