With reward (carrot) and punishment (stick) widely applied by organizations to regulate mandatory IT usage, it is imperative to understand how these incentives influence employee compliance behavior. Drawing upon control theory and regulatory focus theory, this study investigates the relationships among regulatory focus, reward, punishment, and compliance behavior in mandatory IT settings. Survey data were collected from 186 employees in companies where enterprise resource planning (ERP) compliance was mandated. Analyses reveal that punishment expectancy is a strong determinant of compliance behavior, whereas the main effect of reward expectancy is not significant. Moreover, the relationship between reward expectancy and compliance behavior is moderated by promotion focus and the relationship between punishment expectancy and compliance behavior is moderated by prevention focus. This study provides an in-depth understanding of reward and punishment in mandatory IT settings and suggests that regulatory focus plays an important role in affecting employees' compliance with organizational controls.
This paper aims to understand the influence of punishment and perceived justice on user compliance with mandatory information technology (IT) policies. Drawing on punishment research and justice theory, a research model is developed. Data collected from a field survey of enterprise resource planning (ERP) users are analyzed to test the proposed hypotheses. The results indicate that IT compliance intention is strongly influenced by perceived justice of punishment, which is negatively influenced by actual punishment. When perceived justice of punishment is considered, the effect of satisfaction on compliance intention decreases and that of perceived usefulness becomes insignificant. This paper contributes to information systems (IS) research and practice by drawing attention to the importance of punishment, particularly perceived justice of punishment, in mandatory IT settings. It delineates the relationships among actual punishment, punishment expectancy, perceived justice of punishment, and IT compliance intention, and thus provides a better understanding of user compliance behavior in mandatory IT settings.