李瀛

个人信息Personal Information

副教授

硕士生导师

性别:女

毕业院校:芬兰奥卢大学

学位:博士

所在单位:信息管理与信息系统研究所

学科:管理科学与工程

电子邮箱:yingli@dlut.edu.cn

扫描关注

论文成果

当前位置: 李瀛中文主页 >> 科学研究 >> 论文成果

Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theory

点击次数:

论文类型:期刊论文

发表时间:2013-11-01

发表刊物:COMPUTERS & SECURITY

收录刊物:SCIE、EI、SSCI、Scopus

卷号:39

期号:PART B

页面范围:447-459

ISSN号:0167-4048

关键字:IS security policy; Violation intention; General deterrence theory; Social bond theory; Social control mechanisms

摘要:It is widely agreed that a large amount of information systems (IS) security incidents occur in the workplace because employees subvert existing IS Security Policy (ISSP). In order to understand the factors that constrain employees from deviance and violation of the organizational ISSP, past work has traditionally viewed this issue through the lens of formal deterrene mechanisms; we postulated that we could better explain employees' ISSP violation behaviours through considering both formal and informal control factors as well as through considering existing deterrence theory. We therefore developed a theoretical model based on both deterrence and social bond theories rooted in a social control perspective to better understand employee behaviour in this context. The model is validated using survey data of 185 employees. Our empirical results highlight that both formal and informal controls have a significant effect on employees' ISSP violation intentions. To be specific, employees' social bonding is found to have mixed impacts on the employee's intention to violate ISSP. Social pressures exerted by subjective norms and co-worker behaviours also significantly influence employees' ISSP violation intentions. In analyzing the formal sanctions, the perceived severity of sanctions was found to be significant while, perceived certainty of those sanctions was not. We discuss the key implications of our findings for managers and researchers and the implications for professional practice. (C) 2013 Elsevier Ltd. All rights reserved.