Critical analysis of impact of information security policies on employees' job stress in Sri Lankan telecom secto

Abstract

Job Stress is an extensively discussed topic worldwide and many researchers have done empirical studies to analyze the factors affecting job stress and have identified many stressors. Information Security Policy can be defined as a set of controls and procedures adapted by a particular organization to provide adequate protection to maintain confidentiality of data. It has become essential to enforce IS Policy to protect confidential information of the company in a competitive environment. However, some of the restrictions enforced by such policies may create unpleasant working environment. Moreover, there is a belief that some IS policies are affecting job stress of the employees. Therefore, the main objective of this research is to investigate the job stress resulting from IS Policies. Both quantitative and qualitative methods have been employed for this study. Even though the term job stress is a discussed topic, no study has been carried out so far to analyze the job stress resulting from the IS Policy in the Sri Lankan context. Therefore, all the employees who are working with telecommunication operators in Sri Lanka were considered as the target population and proportionate stratified random sampling method was used to select the sample. Research findings reveled that job stress resulting from the IS Polices may go high when the availability and awareness about such policies are at a low level Further, if the policies are not properly enforced, that may also lead to the increase of the level of job stress. Research findings showed that employees' privacy violations by IS Policy and effects of IS Policy violations are having a strong positive relationship with the job stress. Therefore, it is suggested that restrictions enforced by the IS polices should also be added to list of job stressors. This study concludes with a discussion and necessary recommendations for reformulations of the information security polices in Sri Lankan telecommunication sector.