BYOD SECURITY POLICY COMPLIANCE IN MALAYSIAN PUBLIC UNIVERSITIES: AN INTEGRATED PMT –TPB – GDT MODEL WITH ISA MODERATION

Abstract

The Bring Your Own Device (BYOD) initiative is widely implemented across various organizations today. Numerous universities in Malaysia are also adopting this approach since it reduces expenses related to maintenance and device management. This paper proposes a framework to enhance compliance with BYOD security policies in the public sector. It identifies the key factors influencing user compliance and contributes to the development of a comprehensive BYOD security policy compliance framework. Quantitative data collection was conducted in Malaysian public universities to examine user behaviors and empirically test the proposed framework. The validation process with experts was executed, and consent was received to participate in the evaluation stage. The findings confirm the effectiveness of integrating (PMT), (GDT), and (TPB) Theories in shaping compliance. All examined variables—including perceived severity, perceived threats, response efficacy, self-efficacy, and formal sanctions—were found to significantly influence attitudes, subjective norms, and behavioral control, which directly affect users’ intentions to comply. Information security awareness was validated as a moderator of both attitude and intention to comply. Overall, this study provides empirical validation of the proposed BYOD framework and offers actionable guidance for policymakers, enabling universities to mitigate BYOD related risks, strengthen compliance, and safeguard credibility amid digital transformation.