• DocumentCode
    2200200
  • Title

    Empowerment or Control: Reconsidering Employee Security Policy Compliance in Terms of Authorization

  • Author

    Soohyun Jeon ; Hovav, Anat

  • Author_Institution
    Bus. Sch., Korea Univ., Seoul, South Korea
  • fYear
    2015
  • fDate
    5-8 Jan. 2015
  • Firstpage
    3473
  • Lastpage
    3482
  • Abstract
    Preventing security breaches against information asset is one of the key concerns that face an organization. Organizations create information security policies (ISP) to protect information assets against internal misuse. Yet, it is unclear how organizations motivate users to comply with such policies. While existing studies have focused on control-based (administrator controlled) ISP, our study examines user compliance with empowermentbased (user-controlled) ISP. The study aims to compare users´ compliance determinants between control-based ISP and empowerment-based ISP. We propose a research model and report the results of a pilot test, expected findings, and study contributions.
  • Keywords
    authorisation; data protection; personnel; ISP; authorization; employee security policy compliance; information asset protection; information security policy; security breach prevention; Authorization; Information systems; Licenses; Organizations; Psychology; EDRM; ISP compliance; awareness of audit; compliance; empowerment; information security policy; provision license; psychological ownership; work impediment;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    System Sciences (HICSS), 2015 48th Hawaii International Conference on
  • Conference_Location
    Kauai, HI
  • ISSN
    1530-1605
  • Type

    conf

  • DOI
    10.1109/HICSS.2015.418
  • Filename
    7070233
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2200200