Study on the Intention and Behavior Complying with Accounting Information System Security Policy: The Case of Vietnam

The digital-driven economy leads to many opportunities and many challenges for businesses concerning information system security. This is the reason why more managers concentrate on promulgating and enforcing accounting information system security policies. Research on AISSP compliance behavior, therefore, receives much attention from researchers. However, research on this topic is still very limited in Vietnam. In business practice, organizations usually use sanctions to deter employees who do not comply with the security policy. However, previous research results show inconsistency regarding the effectiveness of a motivated as well as a deterrent approach to compliance. These different results can be explained based on cultural differences as previous studies argued that research on information systems security policy compliance behavior based on motivation and deterrence mechanisms needs to be considered in the impact of a specific cultural factor. This motivated us to research AISSP compliance in the context of Vietnam. This study explores the cognitive factors and personal characteristics affecting the intention and behavior to comply with accounting information system security policy (AISSP) based on deterrence theory, protection motivation theory, and the theory of reasoned action. Our results demonstrate that the intention and behavior of accountants to comply with AISSP are positively influenced by the punishment severity, AISSP compliance attitude, response efficacy, and uncertainty avoidance. The results add to the body of literature and inform future research on AISSP compliance. From the management aspect, the results help organizations recognize the problems that need to be addressed to ensure AISSP compliance from accountants.