How different rewards tend to influence employee non-compliance with information security policies. (9th August 2021)
- Record Type:
- Journal Article
- Title:
- How different rewards tend to influence employee non-compliance with information security policies. (9th August 2021)
- Main Title:
- How different rewards tend to influence employee non-compliance with information security policies
- Authors:
- Khatib, Rima
Barki, Henri - Abstract:
- Abstract : Purpose: To help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist among the variables that explain employee non-compliance. In an effort to provide evidence for this possibility, this paper aims to better explain why employees routinely engage in non-compliant behaviors by examining the direct and interactive effects of employees' perceived costs and rewards of compliance and non-compliance on their routinized non-compliant behaviors. Design/methodology/approach: Based on rational choice theory, this study used 16 hypothetical scenarios in an experimental survey, collecting data from 326 respondents and analyzing them via structural equation modeling and a four-way factorial experiment. Findings: The results suggest that routinized non-compliance of employees is more strongly influenced by the rewards than the costs they perceive in their non-compliance. Further, employees' routinized non-compliance behavior was found to be positively influenced by an interactive effect of perceived rewards of compliance when their perceptions of their non-compliance costs and rewards were both high and low. Originality/value: This paper's key contribution is to suggest that non-compliance behavior is influenced by direct and interactive effects ofAbstract : Purpose: To help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist among the variables that explain employee non-compliance. In an effort to provide evidence for this possibility, this paper aims to better explain why employees routinely engage in non-compliant behaviors by examining the direct and interactive effects of employees' perceived costs and rewards of compliance and non-compliance on their routinized non-compliant behaviors. Design/methodology/approach: Based on rational choice theory, this study used 16 hypothetical scenarios in an experimental survey, collecting data from 326 respondents and analyzing them via structural equation modeling and a four-way factorial experiment. Findings: The results suggest that routinized non-compliance of employees is more strongly influenced by the rewards than the costs they perceive in their non-compliance. Further, employees' routinized non-compliance behavior was found to be positively influenced by an interactive effect of perceived rewards of compliance when their perceptions of their non-compliance costs and rewards were both high and low. Originality/value: This paper's key contribution is to suggest that non-compliance behavior is influenced by direct and interactive effects of perceived rewards of compliance and non-compliance. … (more)
- Is Part Of:
- Information and computer security. Volume 30:Number 1(2022)
- Journal:
- Information and computer security
- Issue:
- Volume 30:Number 1(2022)
- Issue Display:
- Volume 30, Issue 1 (2022)
- Year:
- 2022
- Volume:
- 30
- Issue:
- 1
- Issue Sort Value:
- 2022-0030-0001-0000
- Page Start:
- 97
- Page End:
- 116
- Publication Date:
- 2021-08-09
- Subjects:
- IS security -- Non-Compliance -- Rewards -- Costs -- Rational choice theory -- Experimental survey -- Hypothetical scenarios
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-01-2021-0008 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 25265.xml