DocumentCode :
2200200
Title :
Empowerment or Control: Reconsidering Employee Security Policy Compliance in Terms of Authorization
Author :
Soohyun Jeon ; Hovav, Anat
Author_Institution :
Bus. Sch., Korea Univ., Seoul, South Korea
fYear :
2015
fDate :
5-8 Jan. 2015
Firstpage :
3473
Lastpage :
3482
Abstract :
Preventing security breaches against information asset is one of the key concerns that face an organization. Organizations create information security policies (ISP) to protect information assets against internal misuse. Yet, it is unclear how organizations motivate users to comply with such policies. While existing studies have focused on control-based (administrator controlled) ISP, our study examines user compliance with empowermentbased (user-controlled) ISP. The study aims to compare users´ compliance determinants between control-based ISP and empowerment-based ISP. We propose a research model and report the results of a pilot test, expected findings, and study contributions.
Keywords :
authorisation; data protection; personnel; ISP; authorization; employee security policy compliance; information asset protection; information security policy; security breach prevention; Authorization; Information systems; Licenses; Organizations; Psychology; EDRM; ISP compliance; awareness of audit; compliance; empowerment; information security policy; provision license; psychological ownership; work impediment;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
System Sciences (HICSS), 2015 48th Hawaii International Conference on
Conference_Location :
Kauai, HI
ISSN :
1530-1605
Type :
conf
DOI :
10.1109/HICSS.2015.418
Filename :
7070233
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2200200
بازگشت