東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Toward a theory of employee complian...

Sikolia, David Wafula.

Linked to FindBook

Google Book

Amazon

博客來

Toward a theory of employee compliance with information security policies: A grounded theory methodology.

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Toward a theory of employee compliance with information security policies: A grounded theory methodology./
Author:	Sikolia, David Wafula.
Description:	114 p.
Notes:	Source: Dissertation Abstracts International, Volume: 75-02(E), Section: B.
Contained By:	Dissertation Abstracts International75-02B(E).
Subject:	Information Technology. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3598969
ISBN:	9781303480256

Toward a theory of employee compliance with information security policies: A grounded theory methodology.
Sikolia, David Wafula.

Toward a theory of employee compliance with information security policies: A grounded theory methodology. - 114 p.

Source: Dissertation Abstracts International, Volume: 75-02(E), Section: B.

Thesis (Ph.D.)--Oklahoma State University, 2013.

User non-compliance with information security policies in organizations due to negligence or ignorance is reported as a key data security problem for organizations. The violation of the confidentiality, integrity and availability of organizational data has led to losses in millions of dollars for organizations in terms of money and time spent correcting the problem. Research on employee violation of information security policies has focused on non-compliance due to poor training, low employee motivation, weak effective commitment, or individual oversight. Theoretical foundations applied to this phenomenon include deterrence, reasoned action, planned behavior, protection motivation, self-efficacy, individual adoption factors, organizational commitment and other individual cognitive factors. However, the findings from some of the studies are contradictory. Furthermore, no parsimonious theory explains nor predicts employee compliance with information security policies. This study addresses this problem by building a theoretical model grounded in data using grounded theory methodology. Seed concepts from High Performance Work Systems (HPWS) were used to develop the initial questions for the structured interviews. Four rounds of interviews over a period of one year were carried out as well as iterative data analysis. Data analysis consisted of open coding, selective coding and theoretical coding. The findings indicate organizations need to create a supportive organizational culture, conduct appropriate training, clearly communicate deterrence measures and design job tasks aligned with the information security policies. These measures will impact individual employee's engagement, knowledge, perception of the ramifications and self-efficacy. Information technology plays a moderating role between organization practices and the individual cognitive factors. These cognitive factors will in turn have an effect on the individual employees' compliance with the information security policies.

ISBN: 9781303480256Subjects--Topical Terms:

1030799
Information Technology.

Toward a theory of employee compliance with information security policies: A grounded theory methodology.
LDR:02927nam a2200277 4500 001 1963521
005 20141003074104.5
008 150210s2013 ||||||||||||||||| ||eng d
020 $a 9781303480256
035 $a (MiAaPQ)AAI3598969
035 $a AAI3598969
040 $a MiAaPQ $c MiAaPQ
100 1 $a Sikolia, David Wafula. $3 2099788
245 1 0 $a Toward a theory of employee compliance with information security policies: A grounded theory methodology.
300 $a 114 p.
500 $a Source: Dissertation Abstracts International, Volume: 75-02(E), Section: B.
500 $a Advisers: David Biros; Mark Weiser.
502 $a Thesis (Ph.D.)--Oklahoma State University, 2013.
520 $a User non-compliance with information security policies in organizations due to negligence or ignorance is reported as a key data security problem for organizations. The violation of the confidentiality, integrity and availability of organizational data has led to losses in millions of dollars for organizations in terms of money and time spent correcting the problem. Research on employee violation of information security policies has focused on non-compliance due to poor training, low employee motivation, weak effective commitment, or individual oversight. Theoretical foundations applied to this phenomenon include deterrence, reasoned action, planned behavior, protection motivation, self-efficacy, individual adoption factors, organizational commitment and other individual cognitive factors. However, the findings from some of the studies are contradictory. Furthermore, no parsimonious theory explains nor predicts employee compliance with information security policies. This study addresses this problem by building a theoretical model grounded in data using grounded theory methodology. Seed concepts from High Performance Work Systems (HPWS) were used to develop the initial questions for the structured interviews. Four rounds of interviews over a period of one year were carried out as well as iterative data analysis. Data analysis consisted of open coding, selective coding and theoretical coding. The findings indicate organizations need to create a supportive organizational culture, conduct appropriate training, clearly communicate deterrence measures and design job tasks aligned with the information security policies. These measures will impact individual employee's engagement, knowledge, perception of the ramifications and self-efficacy. Information technology plays a moderating role between organization practices and the individual cognitive factors. These cognitive factors will in turn have an effect on the individual employees' compliance with the information security policies.
590 $a School code: 0664.
650 4 $a Information Technology. $3 1030799
650 4 $a Business Administration, Management. $3 626628
690 $a 0489
690 $a 0454
710 2 $a Oklahoma State University. $b Management Science & Information Systems (PhD). $3 2099789
773 0 $t Dissertation Abstracts International $g 75-02B(E).
790 $a 0664
791 $a Ph.D.
792 $a 2013
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3598969