Violators versus non-violators of information security measures in organizations-A study of distinguishing factors
Author | Khan, Habib Ullah |
Author | AlShare, Khalid A. |
Available date | 2020-05-15T00:15:04Z |
Publication Date | 2019-02-17 |
Publication Name | Journal of Organizational Computing and Electronic Commerce |
Resource | Scopus |
Identifier | http://dx.doi.org/10.1080/10919392.2019.1552743 |
Citation | Khan, H. U., & AlShare, K. A. (2019). Violators versus non-violators of information security measures in organizations—A study of distinguishing factors. Journal of Organizational Computing and Electronic Commerce, 29(1), 4-23. |
ISSN | 1091-9392 |
Abstract | The present study analyzes the elements that differentiate violators from non-violators of information security measures. Various elements are derived from established theories and models such as general deterrence theory, theory of planned behavior, theory of reasoned action, protection motivation theory, and social cognitive theory. To examine these factors, the data are gathered through an online study conducted in a Midwestern University, USA. The data are collected using questionnaires, and after scrutiny, 195 questionnaires are selected for final analysis. This data are analyzed using second-level statistical techniques, such as chi-square analysis and ANOVA. Results reveal that violators and non-violators of information security measures differ significantly with respect to many factors. These factors include perceived privacy, subjective norms, perceived information security policy (ISP) scope, perceived severity of penalty, perceived celerity of penalty, management support, organizational security culture, and perceived organizational IT capability. The non-significant factors are trust and work load. Implications for practitioners and researchers are provided. 2019, 2019 Taylor & Francis Group, LLC. |
Language | en |
Publisher | Taylor and Francis Inc. |
Subject | Information security (IS) information security policy (ISP) non-violators organizational IT capability violators |
Type | Article |
Pagination | 4-23 |
Issue Number | 1 |
Volume Number | 29 |
ESSN | 1532-7744 |
Files in this item
This item appears in the following Collection(s)
-
Accounting & Information Systems [537 items ]