Key points are not available for this paper at this time.
Although organizational IT security awareness is an important element and the overall security of any organization, some of its foundations, such as understanding the difference between descriptive and prescriptive awareness and the requirements of intrinsic motivation, have not been properly investigated. As a result, end-users often fail to internalize target goals and follow guidelines. To maximize end-user acceptance and the internalization of IT security awareness, the authors formulate a set of motivational factors aimed at enhancing the understanding and use of prescriptive awareness.
Siponen et al. (Wed,) studied this question.