2009
DOI: 10.1057/ejis.2009.10
|View full text |Cite
|
Sign up to set email alerts
|

What levels of moral reasoning and values explain adherence to information security rules? An empirical study

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

2
128
0

Year Published

2011
2011
2022
2022

Publication Types

Select...
4
3
2

Relationship

0
9

Authors

Journals

citations
Cited by 211 publications
(130 citation statements)
references
References 48 publications
2
128
0
Order By: Relevance
“…The existing studies in the IS security area that look into the behavioral aspects of the insiders have provided insights into the effects of insiders" dysfunctional behaviors on organizational IS assets. These can be seen in valuable work on IS security compliance/non-compliance behaviors [10][11][12][13][14][15][16][17][18][19][20] including motivations to comply with IS security policies [21][22][23][24], IS misuse [2,[25][26][27][28][29][30][31], and studies on computer abuse [32][33][34]. These IS security studies, however, have largely focused on nonmalicious and policy non-compliance behaviors [4,7].…”
Section: Introductionmentioning
confidence: 99%
“…The existing studies in the IS security area that look into the behavioral aspects of the insiders have provided insights into the effects of insiders" dysfunctional behaviors on organizational IS assets. These can be seen in valuable work on IS security compliance/non-compliance behaviors [10][11][12][13][14][15][16][17][18][19][20] including motivations to comply with IS security policies [21][22][23][24], IS misuse [2,[25][26][27][28][29][30][31], and studies on computer abuse [32][33][34]. These IS security studies, however, have largely focused on nonmalicious and policy non-compliance behaviors [4,7].…”
Section: Introductionmentioning
confidence: 99%
“…And current methods are grossly insufficient to mitigate the risks of technology that is smarter than humans. For example, with today's technology, estimates suggest that organizations confront at least one serious information security incident per year, and these are often caused indirectly by employees who violate or neglect these policies [21]. Consequently, organization-level risks are threatened by individual employees who make mistakes, breach policy, or make bad decisions.…”
Section: Macro: Organizational Risksmentioning
confidence: 99%
“…The perception of 'mandatoriness' was found to be very effective in motivating individuals to adhere to security guidelines. Similarly, theories of cognitive moral development and motivational types have been used by Myyry et al (2009) to explain the behavior of employees towards adherence to information systems security policies and have empirically verified their theoretical model. They found that in real-life situations, pre-conventional reasoning (i.e.…”
Section: Theoretical Foundationsmentioning
confidence: 99%
“…They found that in real-life situations, pre-conventional reasoning (i.e. making decision based on pleasure or pain received/expected from external and physical events -Kohlberg's Level One of three levels of moral reasoning (Kohlberg 1984) cited by Myyry (2009) positively influences adherence to IS security policies. Straub (1990) looked in to the issue of investment in IS security versus its effectiveness in controlling computer abuse based on general theory of deterrence taken from criminology.…”
Section: Theoretical Foundationsmentioning
confidence: 99%