DocumentCode :
1736553
Title :
Effects of Individual and Organization Based Beliefs and the Moderating Role of Work Experience on Insiders´ Good Security Behaviors
Author :
Bulgurcu, Burcu ; Cavusoglu, Hasan ; Benbasat, Izak
Author_Institution :
Dept. of Manage. Inf. Syst., Univ. of British Columbia, Vancouver, BC, Canada
Volume :
3
fYear :
2009
Firstpage :
476
Lastpage :
481
Abstract :
This research aims to identify the factors that drive an employee to comply with requirements of the Information Security Policy (ISP) with regard to protecting her organizationpsilas information and technology resources. Two different research models are proposed for an employeepsilas individual based beliefs and organization based beliefs. An employeepsilas attitude is traced to its underlying foundational beliefs in each model, namely, benefit of compliance, cost of non-compliance, and cost of compliance, which are beliefs that represent the perceived effects of compliance or non-compliance. It is also postulated that these beliefs along with an employeepsilas attitude are affected by her Information Security Awareness (ISA). Besides the structural model testing of individual and organizational models of compliance, the moderating role of an employeepsilas work experience is investigated. Our results show that, while individual benefit of compliance and cost of compliance are not significant in the low experience group, all individual based beliefs are significant in the high experience group. Similarly, organizational benefit of compliance is not significant in the low experience group, while all organization based beliefs are significant in the high experience group. Furthermore, ISA is found to affect an employeepsilas attitude and all her individual and organization based beliefs. As organizations strive to get their employees to follow their information security rules and regulations, our study mainly sheds light on the moderating role of an employeepsilas work experience in changing the strength of individual and organization based beliefs on employeespsila attitude as well as her ISA.
Keywords :
human factors; security of data; social aspects of automation; compliance benefit; compliance cost; employee attitude; employee work experience; individual based belief; information security awareness; information security policy; noncompliance cost; organization based belief; security behavior; structural model test; Costs; Information security; Instruction sets; Management information systems; Protection; Testing; compliance; experience; individual identity; information security awareness; information security policy; social dentity;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
Type :
conf
DOI :
10.1109/CSE.2009.484
Filename :
5283116
Link To Document :
بازگشت