WHY DO EMPLOYEES VIOLATE IS SECURITY POLICIES?, ACTA UNIVERSITATIS OULUENSIS A Scientiae Rerum Naturalium 563

Employee violations of IS security policies is recognized as a key concern for organizations.Although interest in IS security has risen in recent years, little empirical research has examinedthis problem. To address this research gap, this dissertation identifies deliberate IS security policyviolations as a phenomenon unique from other forms of computer abuse. To better understand thisphenomenon, three guidelines for researching deliberate IS security violations are proposed. Ananalysis of previous behavioral IS security literature shows that no existing study meets more thanone of these guidelines. \nUsing these guidelines as a basis, this dissertation examines IS security policy violations usingthree theoretical models drawn from the following perspectives: neutralization theory, rationalchoice theory, and protection motivation theory. Three field studies involving surveys of 1,423professional respondents belonging to 7 organizations across 47 countries were performed forempirical testing of the models. \nThe findings of these studies identify several factors that strongly predict intentions to violateIS security policies. These results significantly increase our understanding of why employeeschoose to violate IS security policies and provide empirically-grounded implications for howpractitioners can improve employee IS security policy compliance.

ISBN-10:
978-951-42-6286-9
Kieli:
eng.
Sivumäärä:
158 s.
Tekijät:
VANCE ANTHONY
Tuotekoodi 014039
20,00 €