Autonomy Motivators, Serious Games, and Intention Toward ISP Compliance


  • Ahmed Alzahrani The University of Glasgow
  • Christopher Johnson University of Glasgow



Serious game; information security policy; intrinsic motivation; autonomy.


The growing number of security breaches has become a major concern in organisations. Most often, such security breaches are related to internal employees due to their indirect or direct actions leading to information security policy (ISP) violations. Therefore, understanding employees’ security behaviour and intrinsic motivation towards ISP compliance with respect to autonomy is critical. This study aims to find out whether the autonomy intrinsic motivator can be influenced by the Decisions and Disruptions (D-D) table-top game to enhance security awareness and, in turn, reinforce behavioural intention towards ISP compliance. We developed pre- and post-assessment tests on intrinsic motivation to find out whether there is a significant improvement in test scores after participants experience D-D gameplay. Thirty postgraduate students participated in the study. Overall results confirmed that the autonomy intrinsic motivator is positively influenced by the game and has a positive effect on the behavioural intention to comply with ISPs.

Author Biography

Christopher Johnson, University of Glasgow

Professor Chris Johnson

Professor of Computing Science

Personal site:
Contact details:
Prof. Chris Johnson, DPhil, MSc, MA, FRSE, FBCS, CEng, CITP,

Room S162, School of Computing Science, Univ. of Glasgow, Glasgow, G12 8RZ, Scotland.

Tel: +44 141 330 6053, Fax: +44 141 330 4913,



How to Cite

Alzahrani, A., & Johnson, C. (2019). Autonomy Motivators, Serious Games, and Intention Toward ISP Compliance. International Journal of Serious Games, 6(4), 67 - 85.




Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.