Development of the Dynamic Optimal Control Model for Information Security Strategy Choice to Maximize Information Security Compliance Intention

Based on Theory of Planned Behavior (TPB), this study proposes a dynamic optimal control model to explore the optimal solution trajectory of investment on information security(IS) technology explaining how four different types of IS strategy influence IS compliance intention of employees. Utilizing the concepts called Prevention Oriented Policy and Deterrent Oriented Policy with a review of existing literature addressing IS issues a new model called IS Strategy Model is proposed. This study will contribute to the extension of knowledge base, first, with an interdisciplinary approach encompassing crime deterrence theory, situational crime prevention theory and psychology and, second, with a quantitative approach to this IS problem. The findings of this study will suggest both managerial and theoretical contributions. First, since the dynamic optimal control model encompasses the relationships between IS strategy and compliance intention toward IS, it will provide information managers with the guideline to develop and implement the IS strategy and policies within organizations. Second, the practitioners could prioritize the investment on IS policy based on the findings of this study. Third, it is expected to extend the study more toward quantitative approach.