IDEAS home Printed from
   My bibliography  Save this article

Influences of Frame Incongruence on Information Security Policy Outcomes: An Interpretive Case Study


  • Anna Elina Laaksonen

    (Tampere University of Technology, Tampere, Finland)

  • Marko Niemimaa

    (Turku Centre for Computer Sciences (TUCS), Turku School of Economics, University of Turku, Turku, Finland)

  • Dan Harnesk

    (Luleå University of Technology, Luleå, Sweden)


Despite the significant resources organizations devote to information security policies, the policies rarely produce intended outcome. Prior research has sought to explain motivations for non-compliance and suggested approaches for motivating employees for compliance using theories largely derived from psychology. However, the socio-cognitive structures that shape employees' perceptions of the policies and how they influence policy outcomes have received only modest attention. In this study, the authors draw on the socio-cognitive theory of frames and on literature on information security policies in order to suggest a theoretical and analytical concept of Information Security Policy Frames of Reference (ISPFOR). The concept is applied as a sensitizing device, in order to systematically analyze and interpret how the perceptions of policies are shaped by the frames and how they influence policy outcomes. The authors apply the sensitizing device in an interpretive case study conducted at a large multinational internet service provider. The authors’ findings suggest the frames shape the perceptions and can provide a socio-cognitive explanation for unanticipated policy outcomes. Implications for research and practice are discussed.

Suggested Citation

  • Anna Elina Laaksonen & Marko Niemimaa & Dan Harnesk, 2013. "Influences of Frame Incongruence on Information Security Policy Outcomes: An Interpretive Case Study," International Journal of Social and Organizational Dynamics in IT (IJSODIT), IGI Global, vol. 3(3), pages 33-50, July.
  • Handle: RePEc:igg:jsodit:v:3:y:2013:i:3:p:33-50

    Download full text from publisher

    File URL:
    Download Restriction: no

    More about this item


    Access and download statistics


    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jsodit:v:3:y:2013:i:3:p:33-50. See general information about how to correct material in RePEc.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Journal Editor). General contact details of provider: .

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service hosted by the Research Division of the Federal Reserve Bank of St. Louis . RePEc uses bibliographic data supplied by the respective publishers.