ENHANCING REGULATORY COMPLIANCE THROUGH TRAINING AND DEVELOPMENT PROGRAMS: CASE STUDIES AND RECOMMENDATION

Abstract

This article explores the significance of training and development in improving worker performance, particularly in the realm of Information Systems (IS) security. Recognizing that employees are crucial assets to any organization, the study focuses on the effectiveness of IS security training in fostering compliance and reducing security breaches. It employs two theoretical frameworks—the Elaboration Likelihood Model (ELM) and Universal Constructive Instructional Theory (UCIT)—to design a comprehensive training program aimed at enhancing cognitive processing and retention of security policies among employees. The research adopts an action research methodology, characterized by a cyclical process of intervention and evaluation. This approach allows for the continuous refinement of the training program based on empirical evidence. The study is structured into four phases: identifying instructional tasks, diagnosing learner states, delivering instructional content, and evaluating training outcomes.
Results from the study reveal substantial improvements in employees' understanding and adherence to IS security policies, as well as heightened awareness of the risks associated with non-compliance. The findings underscore the effectiveness of theoretically grounded  training programs in achieving long-term behavioral change and enhancing organizational security. Overall, the article provides valuable insights into the design and implementation of IS security training programs, demonstrating how the integration of ELM and UCIT can lead to more effective and sustainable training outcomes. It concludes with recommendations for further refining training approaches to better address the evolving security needs of organizations.