How different rewards tend to influence employee non-compliance with information security policies
INFORMATION AND COMPUTER SECURITY(2022)
摘要
Purpose To help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist among the variables that explain employee non-compliance. In an effort to provide evidence for this possibility, this paper aims to better explain why employees routinely engage in non-compliant behaviors by examining the direct and interactive effects of employees' perceived costs and rewards of compliance and non-compliance on their routinized non-compliant behaviors. Design/methodology/approach Based on rational choice theory, this study used 16 hypothetical scenarios in an experimental survey, collecting data from 326 respondents and analyzing them via structural equation modeling and a four-way factorial experiment. Findings The results suggest that routinized non-compliance of employees is more strongly influenced by the rewards than the costs they perceive in their non-compliance. Further, employees' routinized non-compliance behavior was found to be positively influenced by an interactive effect of perceived rewards of compliance when their perceptions of their non-compliance costs and rewards were both high and low. Originality/value This paper's key contribution is to suggest that non-compliance behavior is influenced by direct and interactive effects of perceived rewards of compliance and non-compliance.
更多查看译文
关键词
IS security, Non-Compliance, Rewards, Costs, Rational choice theory, Experimental survey, Hypothetical scenarios
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要