A model of end-user computing policy: Context, process, content and compliance

One factor that has been cited as key to successful end-user computing (EUC) management is a formalized policy statement that defines the limits of users’ discretion. In this paper, a model of EUC policy is developed as a mechanism for examining relationships between organizational context, the process by which EUC policy is developed and administered, and the content of resulting policy statements. Organizational compliance is introduced as an important outcome measure in the model. A mail survey of MIS executives in 107 Fortune 1000 companies provides preliminary support for this contingency theory of EUC policy compliance. The results suggest that firms which are procedurally bureaucratic are most likely to develop comprehensive and restrictive EUC policy statements. Organizational compliance levels were reported to be highest in companies with both comprehensive and restrictive EUC policy statements and formal mechanisms for monitoring compliance.