The influence of the informal social learning environment on information privacy policy compliance efficacy and intention

Warkentin, Merrill; Johnston, Allen C.; Shropshire, Jordan

doi:10.1057/ejis.2010.72

Cited by 158 publications

(77 citation statements)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Puhakainen and Siponen (2010), however, criticized information security approaches as lacking not only theoretically grounded methods, but also empirical evidence on their effectiveness. As a possible consequence of this critique, the recent years have witnessed an increase in investigations that meet these criteria, and have based their analyses on a variety of theories including theory of planned behavior (Bulgurcu et al, 2010), neutralization theory (Siponen and Vance, 2010), learning theory (Warkentin et al, 2011), organizational narcissism (Cox, 2012), and protection motivation theory (Ifinedo, 2012). A dominant part of the studies have focused on the first category (Warkentin and Willison, 2009) -that is, the "individual" level of information security by either testing theories that explain an individual"s compliance/non-compliance to information security policies (e.g., Ifinedo, 2012) or how perceptions of different information security countermeasures such as education and awareness training might lead to a decrease in information system abuse or misuse (e.g., D"Arcy, Hovav, and Galletta, 2008).…”

Section: Introductionmentioning

confidence: 99%

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Flores

Antonsen

Ekstedt

2014

Computers & Security

121

View full text Add to dashboard Cite

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture.Computers & Security, http://dx.doi.org/10.1016/j.cose. 2014.03.004 Access to the published version may require subscription. N.B. When citing this work, cite the original published paper. Permanent link to this version:http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva- 142630 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 AbstractThis paper presents an empirical investigation on what behavioral information security governance factors drives the establishment of information security knowledge sharing in organizations. Data was collected from organizations located in different geographic regions of the world, and the amount of data collected from two countries -namely, USA and Sweden -allowed us to investigate if the effect of behavioral information security governance factors on the establishment of security knowledge sharing differs based on national culture.The study followed a mixed methods research design, wherein qualitative data was collected to both establish the study"s research model and develop a survey instrument that was distributed to 578 information security executives. The results suggest that processes to coordinate implemented security knowledge sharing mechanisms have a major direct influence on the establishment of security knowledge sharing in organizations; the effect of organizational structure (e.g., centralized security function to develop and deploy uniform firm-wide policies, and use of steering committees to facilitate information security planning) is slightly weaker, while business-based information security management has no significant direct effect on security knowledge sharing. A mediation analysis revealed that the reason for the non-significant direct relation between business-based information security management and security knowledge sharing is the fully mediating effect of coordinating information security processes. Thus, the results disentangles the interrelated influences of behavioral information security governance factors on security knowledge sharing by showing that information security governance sets the platform to establish security knowledge sharing, and coordinating processes realize the effect of both the structure of the information security function and the alignment of information security management with business needs.A multigroup analysis identified that national culture had a significant moderating effect on the association between four of the six proposed relations. In Sweden -which is seen as a less individualist, feminine country -managers tend to focus their efforts on implementing controls that are aligned with business activities and employees" need; monitoring the effectiveness of the implemented con...

show abstract

Section: Introductionmentioning

confidence: 99%

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Flores

Antonsen

Ekstedt

2014

Computers & Security

121

View full text Add to dashboard Cite

show abstract

“…36,37,50,51,52]. In the information privacy literature, self-efficacy has not been as regularly included but has been shown to influence intentions to follow a privacy policy [70] and to protect oneself on the Internet [71].…”

Section: The Information-motivation Behavioral (Imb) Skills Modelmentioning

confidence: 99%

“…While the IMB Skills model suggests that both perceived an actual abilities are necessary to enact a preventive behavior (Figure 2), most prior research on information security and privacy has focused mostly on measuring self-efficacy (a perceived ability) to evaluate knowledge [e.g., 37,70,72,73]. Self-efficacy deals with one's perceived confidence at performing a behavior, such as utilizing a technology.…”

Section: Knowledge-belief Gapmentioning

confidence: 99%

The Mobile Privacy-Security Knowledge Gap Model: Understanding Behaviors

Crossler¹

2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

“…Individuals vary in the extent to which ICTs are important to them (Limayem et al, 2007), the extent to which they want to interact with ICTs (Compeau and Higgins, 1995), and their interest in engaging with ICTs in new and different ways (Agarwal and Prasad, 1998), all of which would suggest that individuals might attribute varying levels of importance and centrality to their ICTU role identity (e.g., Gefen and Ridings, 2003; Turel et al, 2011a). This literature further implies that interpersonal differences in ICTU identity can be rooted in individual differences in innovativeness (Yi et al, 2006), computer self-efficacy (Marakas et al, 2007), beliefs and perceptions regarding technologies (Venkatesh, 2000), social pressures to use technologies (Titah and Barki, 2009), impression management (Turel et al, 2010), and adherence to ICT related policies (Warkentin et al, 2011). …”

Section: Ictu Role Identity and Identity Saliencementioning

confidence: 99%

The Information and Communication Technology User Role: Implications for the Work Role and Inter-Role Spillover

et al. 2016

View full text Add to dashboard Cite

Management and organization research has traditionally focused on employees’ work role and the interface between their work and family roles. We suggest that persons assume a third role in modern society that is relevant to work and organizations, namely the Information and Communication Technology User (ICTU) role. Based on role theory and boundary theory, we develop propositions about the characteristics of this role, as well as how ICTU role characteristics are related to boundary spanning activity, inter-role spillover with the work role, and work role performance. To this end, we first conceptualize the ICTU role and its associations with work and family roles. We then apply identity theory and boundary management theory to advance our understanding of how the ICTU role is related to criteria that are important to individuals and to organizations, namely self-selection into certain types of work roles and positive and negative inter-role spillover. The implications of this role for theory, research, and practice in management and organizations are discussed.

show abstract

The influence of the informal social learning environment on information privacy policy compliance efficacy and intention

Cited by 158 publications

References 75 publications

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

The Mobile Privacy-Security Knowledge Gap Model: Understanding Behaviors

The Information and Communication Technology User Role: Implications for the Work Role and Inter-Role Spillover

Contact Info

Product

Resources

About