A Conceptual Analysis about the Organizational Impact of Compliance on Information Security Policy

Cavallari, Maurizio

doi:10.1007/978-3-642-28227-0_8

Cited by 7 publications

(8 citation statements)

References 59 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In organisations that put high emphasis on results, employees may feel oppressed because of continuous stress and pressure, which may result in negative feelings about an organisation. In turn, ill feelings can have a negative effect on employee compliance with information security rules (Cavallari, 2012).…”

Section: Research Findings and Discussionmentioning

confidence: 99%

Organisational culture, procedural countermeasures, and employee security behaviour

Connolly

Lang

Gathegi

et al. 2017

ICS

View full text Add to dashboard Cite

Purpose This paper provides new insights about security behaviour in selected US and Irish organisations by investigating how organisational culture and procedural security countermeasures tend to influence employee security actions. An increasing number of information security breaches in organisations presents a serious threat to the confidentiality of personal and commercially sensitive data. While recent research shows that humans are the weakest link in the security chain and the root cause of a great portion of security breaches, the extant security literature tends to focus on technical issues. Design/methodology/approach This paper builds on general deterrence theory and prior organisational culture literature. The methodology adapted for this study draws on the analytical grounded theory approach employing a constant comparative method. Findings This paper demonstrates that procedural security countermeasures and organisational culture tend to affect security behaviour in organisational settings. Research limitations/implications This paper fills the void in information security research and takes its place among the very few studies that focus on behavioural as opposed to technical issues. Practical implications This paper highlights the important role of procedural security countermeasures, information security awareness and organisational culture in managing illicit behaviour of employees. Originality/value This study extends general deterrence theory in a novel way by including information security awareness in the research model and by investigating both negative and positive behaviours.

show abstract

Section: Research Findings and Discussionmentioning

confidence: 99%

Organisational culture, procedural countermeasures, and employee security behaviour

Connolly

Lang

Gathegi

et al. 2017

ICS

View full text Add to dashboard Cite

show abstract

“…Within the mentioned past research findings were find that Cavallari (2011) discussed the organizational relationship between compliance and information security finding there is a bidirectional relationship among those and that transformational leadership management action can influence both of them (Cavallari, 2011), while Khan and AlShare (2019) studied the distinguishing factors between violators and non-violators of information security measures in organizations (Khan and AlShare, 2019). Kennedy (2016) explored the pathway to security by mitigating user negligence (Kennedy, 2016), as Sandhu et al identified, on the other hand, the proliferation of malicious edge devices in fog computing environments, finding their ways into organisational disfunctionalities (Sandhu et al, 2017).…”

Section: Previous Researchmentioning

confidence: 95%

“…In prior scholarly investigations, the interplay between Compliance rules (which originate externally) and internal Policies (which emerge from within the organization) has been scrutinized through a fivefold conceptual lens encompassing Organizational Culture, Personal Attitudes, Actors, Intention, and Motivation, as in Cavallari (2011) where is discussed the organizational relationship between compliance and information security finding there is a bi-directional relationship among those and that transformational leadership management action can influence both of them (Cavallari, 2011). In the same sense we find Posey et al (2011), andCaldwell (2012) who discussed the importance of training in addressing security vulnerabilities (Caldwell, 2012).…”

Section: Objectivesmentioning

confidence: 99%

See 1 more Smart Citation

Organizational Determinants and Compliance Behavior to Shape Information Security Plan

Cavallari

2023

Acad. J. Interdiscip. Stud.

View full text Add to dashboard Cite

In the advanced field of Information and Communication Technology (ICT) within modern corporate frameworks, the pressing issue of non-compliance becomes increasingly crucial. Achieving the ideal balance—where one fosters consistent employee commitment without resorting to overly harsh penalties for possible violations—presents a complex problem. Such a nuanced relationship calls for a synchronized coordination among the company’s underlying factors, the principles of the Information Security Plan (ISP), and overarching compliance mandates. As companies step into a period where digital environments are in constant flux, the importance of securing information systems rises to a critical level. Against this backdrop, compliance stands out as a vital component, functioning as a stringent safeguard in the ongoing mission to protect precious digital assets—a mission comprehensively detailed within the ISP. This in-depth academic study sets out to rigorously explore and scrutinize the diverse opinions and beliefs of committed employees and insightful management concerning unwavering company alignment with the ISP. This is accomplished by defining a construct that centers on key dimensions: Organizational Culture, Personal Attitudes, Actors, Behavioral Intentions, and Motivational Dynamics. Eleven Hypotheses are outlined and represent the materialisation of the model. This model form a starting point from which future empirical exploration will be able to take place, propelling us towards a deeper understanding of the phenomena under scrutiny. Received: 15 September 2023 / Accepted: 23 October 2023 / Published: 5 November 2023

show abstract

“…Robust accounting controls form the first line of defense. From accurate financial record-keeping to internal controls that prevent errors and fraudulent activities, these measures play a pivotal role in ensuring the integrity of financial data (Cavallari, 2023, McDonald, Williams & Mayes, 2021. Advanced cybersecurity controls are indispensable in the digital realm.…”

Section: Data Confidentiality and Integrity In Superannuationmentioning

confidence: 99%

Data Confidentiality and Integrity: A Review of Accounting and Cybersecurity Controls in Superannuation Organizations

Anthony Anyanwu,

Temidayo Olorunsogo,

Temitayo Oluwaseun Abrahams

et al. 2024

Comput. sci. IT res. j.

View full text Add to dashboard Cite

In an era dominated by digital transformation, superannuation organizations face unprecedented challenges in safeguarding the confidentiality and integrity of sensitive financial data. This review explores the intricate relationship between accounting practices and cybersecurity controls within the context of superannuation entities. By examining the existing literature, regulatory frameworks, and industry best practices, this paper synthesizes the key considerations essential for ensuring robust data protection. The study delves into the critical role of accounting systems in managing financial information and the subsequent implications for data confidentiality. It investigates how evolving accounting standards and practices intersect with cybersecurity protocols to fortify the integrity of financial records within superannuation organizations. The dynamic nature of cyber threats necessitates a comprehensive analysis of technological safeguards, risk management frameworks, and compliance measures to uphold data confidentiality. Furthermore, the review underscores the imperative for a multidimensional approach to cybersecurity in the superannuation sector. It discusses the integration of advanced technologies such as encryption, blockchain, and anomaly detection alongside traditional accounting controls to create a resilient defense against emerging threats. The exploration extends to the examination of employee training programs, incident response strategies, and third-party risk assessments as integral components of a comprehensive cybersecurity posture. As superannuation organizations navigate the complex landscape of data management, a holistic understanding of the interplay between accounting and cybersecurity controls becomes paramount. This review contributes to the existing body of knowledge by providing insights into the challenges and opportunities presented by the evolving technological landscape, offering practitioners and policymakers a foundation for enhancing data confidentiality and integrity in the superannuation sector. Keywords: Data Confidentiality; Accounting; Cybersecurity; Superannuation Organization; Data Integrity.

show abstract

A Conceptual Analysis about the Organizational Impact of Compliance on Information Security Policy

Cited by 7 publications

References 59 publications

Organisational culture, procedural countermeasures, and employee security behaviour

Organisational culture, procedural countermeasures, and employee security behaviour

Organizational Determinants and Compliance Behavior to Shape Information Security Plan

Data Confidentiality and Integrity: A Review of Accounting and Cybersecurity Controls in Superannuation Organizations

Contact Info

Product

Resources

About