Exploring the Relation between Information Security Policy Compliance and Cyber Resilience

Authors

Abigaïl de Rijp
Open Universiteit, Faculty of Science
https://orcid.org/0009-0004-9437-3496
Tim Huygh
Open University of the Netherlands, Faculty of Science
https://orcid.org/0000-0003-4564-7994
Clara Maathuis
Open Universiteit, Faculty of Science
Rogier van de Wetering
Open Universiteit, Faculty of Science
https://orcid.org/0000-0002-8024-7120
Harald Vranken
Open Universiteit, Faculty of Science
https://orcid.org/0000-0003-4541-6475
DOI: https://doi.org/10.18690/um.fov.4.2026.11

Synopsis

Contemporary digital environments necessitate an increased organizational commitment to safeguarding the confidentiality, integrity and availability of information assets. An indispensable element of this endeavor lies in issuing and enforcing Information Security Policies (ISP) that delineate appropriate handling and use of the organization’s information assets. While prior research predominantly examined the impact of ISPs on employee cyber behavior, limited attention was given to the organizational-level effects of ISP compliance (ISPC). In particular, the extent to which ISPC and cyber resilience (CR) are interrelated is still insufficiently understood. In light thereof, this article explores mechanisms that can be implemented to increase ISPC, the general organizational-level effects of ISPC, and how ISPC relates to CR specifically. Drawing on an integrative literature review and a holistic case study, this article explores the role of ISPC in driving organizational CR.

Author Biographies

Abigaïl de Rijp, Open Universiteit, Faculty of Science

Heerlen, the Netherlands. E-mail: abigail.derijp@ou.nl

Tim Huygh, Open University of the Netherlands, Faculty of Science

Dr. Tim Huygh is assistant professor at the department of information science at the faculty of science of the Open Universiteit, the Netherlands. He is also a visiting professor at the Antwerp Management School. He received his PhD in 2019 on IT governance from the University of Antwerp. His research interests include the governance and (strategic) management of information and technology, information security governance, and cyber resilience. His research has been published in SCI-indexed journals like Information Systems Journal (ISJ) and Decision Support Systems (DSS), and various conference proceedings including the International Conference on Information Systems (ICIS) and the Hawaii International Conference on System Sciences (HICSS). He also co-authored three books on the topic of IT governance (published by Springer). Since 2020, he is co-chairing the minitrack “IT governance and its mechanisms” at HICSS.

Limburg, the Netherlands. E-mail: tim.huygh@ou.nl

Clara Maathuis, Open Universiteit, Faculty of Science

Heerlen, the Netherlands. E-mail: clara.maathuis@ou.nl

Rogier van de Wetering, Open Universiteit, Faculty of Science

Rogier van de Wetering is Full Professor of Digital-Driven Transformation and Vice-Dean of Education in the Department of Computer Science at Open Universiteit.

Heerlen, the Netherlands. E-mail: rogier.vandewetering@ou.nl 

Harald Vranken, Open Universiteit, Faculty of Science

Heerlen, the Netherlands. E-mail: harald.vranken@ou.nl

Volume

39th Bled eConference: Co-Creating Human-Centred and Responsible Digital Futures; Conference Proceedings

Pages

177-192

Published

June 5, 2026

Series

Bled eConference

Categories

Copyright (c) 2026 University of Maribor, University of Maribor Press

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

de Rijp, A., Huygh, T., Maathuis, C., van de Wetering, R., & Vranken, H. (2026). Exploring the Relation between Information Security Policy Compliance and Cyber Resilience. In D. Vidmar, A. Pucihar, M. Kljajić Borštnar, R. W. H. Bons, M. Glowatz, & H.-D. Zimmermann (Eds.), & (Ed.), 39th Bled eConference: Co-Creating Human-Centred and Responsible Digital Futures; Conference Proceedings (Vols. 39., pp. 177-192). University of Maribor Press. https://doi.org/10.18690/um.fov.4.2026.11