The main goal of the article is to improve how employees follow information security policies in organizations. The researchers suggest a framework that involves monitoring and raising awareness to help users understand the importance of following these policies. By continuously educating users and checking their compliance, organizations can enhance the effectiveness of their security efforts. This approach aims to address the issue of employees not being fully aware of their responsibilities when it comes to information security.