Antecedent factors of violation of information security rules. (17th December 2021)
- Record Type:
- Journal Article
- Title:
- Antecedent factors of violation of information security rules. (17th December 2021)
- Main Title:
- Antecedent factors of violation of information security rules
- Authors:
- Cappellozza, Alexandre
Moraes, Gustavo Hermínio Salati Marcondes de
Perez, Gilberto
Simões, Alessandra Lourenço - Abstract:
- Abstract : Purpose: This paper aims to investigate the influence of moral disengagement, perceived penalty, negative experiences and turnover intention on the intention to violate the established security rules. Design/methodology/approach: The method used involves two stages of analysis, using techniques of structural equation modeling and artificial intelligence with neural networks, based on information collected from 318 workers of organizational information systems. Findings: The model provides a reasonable prediction regarding the intention to violate information security policies (ISP). The results revealed that the relationships of moral disengagement and perceived penalty significantly influence such an intention. Research limitations/implications: This research presents a multi-analytical approach that expands the robustness of the results by the complementarity of each analysis technique. In addition, it offers scientific evidence of the factors that reinforce the cognitive processes that involve workers' decision-making in security breaches. Practical implications: The practical recommendation is to improve organizational communication to mitigate information security vulnerabilities in several ways, namely, training actions that simulate daily work routines; exposing the consequences of policy violations; disseminating internal newsletters with examples of inappropriate behavior. Social implications: Results indicate that information security does not depend onAbstract : Purpose: This paper aims to investigate the influence of moral disengagement, perceived penalty, negative experiences and turnover intention on the intention to violate the established security rules. Design/methodology/approach: The method used involves two stages of analysis, using techniques of structural equation modeling and artificial intelligence with neural networks, based on information collected from 318 workers of organizational information systems. Findings: The model provides a reasonable prediction regarding the intention to violate information security policies (ISP). The results revealed that the relationships of moral disengagement and perceived penalty significantly influence such an intention. Research limitations/implications: This research presents a multi-analytical approach that expands the robustness of the results by the complementarity of each analysis technique. In addition, it offers scientific evidence of the factors that reinforce the cognitive processes that involve workers' decision-making in security breaches. Practical implications: The practical recommendation is to improve organizational communication to mitigate information security vulnerabilities in several ways, namely, training actions that simulate daily work routines; exposing the consequences of policy violations; disseminating internal newsletters with examples of inappropriate behavior. Social implications: Results indicate that information security does not depend on the employees' commitment to the organization; system vulnerabilities can be explored even by employees committed to the companies. Originality/value: The study expands the knowledge about the individual factors that make information security in companies vulnerable, one of the few in the literature which aims to offer an in-depth perspective on which individual antecedent factors affect the violation of ISP. … (more)
- Is Part Of:
- RAUSP Management Journal. Volume 57:Number 1(2022)
- Journal:
- RAUSP Management Journal
- Issue:
- Volume 57:Number 1(2022)
- Issue Display:
- Volume 57, Issue 1 (2022)
- Year:
- 2022
- Volume:
- 57
- Issue:
- 1
- Issue Sort Value:
- 2022-0057-0001-0000
- Page Start:
- 85
- Page End:
- 103
- Publication Date:
- 2021-12-17
- Subjects:
- Security -- Technology -- Violation of information security -- Moral disengagement -- Information -- Structural equation modeling -- Neural networks -- Violation of information security
Management science -- Periodicals
Management -- Periodicals
Operations research -- Periodicals
Management
Management science
Operations research
Electronic journals
Periodicals - Journal URLs:
- https://www.emeraldgrouppublishing.com/services/publishing/rausp/index.htm ↗
https://www.journals.elsevier.com/rausp-management-journal ↗
http://www.sciencedirect.com/ ↗ - DOI:
- 10.1108/RAUSP-02-2021-0022 ↗
- Languages:
- English
- ISSNs:
- 2531-0488
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 25550.xml