Information Security Compliance Behaviour of Supply Chain Stakeholders

Abstract

Supply chain security is an emerging topic in the supply chain management literature. Information security is a key component of supply chain security, and this study aims to identify the factors that influence the compliance behaviour with respect to information security. A related objective is to understand the extent to which compliance was substantive or symbolic. Adopting a qualitative approach, the authors conducted semi-structured interviews with stakeholders based in New Zealand who are involved in international supply chains. The interviews find that compliance behaviour is affected by the influence of other organizations, organizational perceptions of compliance, and the rules and norms of exchange in different contexts. The results also indicate that compliance behaviour is more symbolic than substantive in the supply chain environment.