nach oben

Journal of Business Ethics

Erschienen in:

01.07.2016

Applying the Randomized Response Technique in Business Ethics Research: The Misuse of Information Systems Resources in the Workplace

verfasst von: Amanda M. Y. Chu, Mike K. P. So, Ray S. W. Chung

Erschienen in: Journal of Business Ethics | Ausgabe 1/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Mitigating response distortion in answers to sensitive questions is an important issue for business ethics researchers. Sensitive questions may be asked in surveys related to business ethics, and respondents may intend to avoid exposing sensitive aspects of their character by answering such questions dishonestly, resulting in response distortion. Previous studies have provided evidence that a surveying procedure called the randomized response technique (RRT) is useful for mitigating such distortion. However, previous studies have mainly applied the RRT to individual dichotomous questions (e.g., yes/no questions) in face-to-face survey settings. In this study, we focus on behavioral research examining the relationships between latent variables, which are unobserved variables measured by multiple items on Likert or bipolar scales. To demonstrate how the RRT can be applied to obtain valid answers from respondents answering a self-administered online questionnaire with Likert and bipolar scales, we build a behavioral model to study the effect of punishment severity on employees’ attitudes toward misuse of information systems resources in the workplace, which in turn influence misuse behavior. The survey findings meet our expectations. The respondents are generally more willing to disclose sensitive data about their attitudes and actual behavior related to misuse when the RRT is implemented. The RRT’s implications for causal modeling and the advantages and challenges of its use in online environments are also discussed.

Vorheriger Artikel Both Sides of the Coin: Motives for Corruption Among Public Officials and Business Employees

Nächster Artikel Workplace Harassment Intensity and Revenge: Mediation and Moderation Effects

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Abul-Ela, A. A., Greenberg, B. G., & Horvitz, D. G. (1967). A multi-proportions randomized response model. Journal of the American Statistical Association, 62, 990–1008.CrossRef

Armacost, R. L., Hosseini, J. C., Morris, S. A., & Rehbein, K. A. (1991). An empirical comparison of direct questioning, scenario, and randomized response methods for obtaining sensitive business information. Decision Sciences, 22(5), 1073–1090.CrossRef

Blair, G., Imai, K., & Zhou, Y. Y. (2015). Design and analysis of the randomized response technique. Journal of the American Statistical Association, 110, 1304–1319.CrossRef

Bock, G.-W., & Ho, S. L. (2009). Non-work related computing (NWRC). Communications of the ACM, 52(4), 124–128.CrossRef

Bratman, M. (1984). Two faces of intention. The Philosophical Review, 93(3), 375–405.CrossRef

Burton, B. K., & Near, J. P. (1995). Estimating the incidence of wrongdoing and whistle-blowing: Results of a study using randomized response technique. Journal of Business Ethics, 14(1), 17–30.CrossRef

Chu, A. M. Y., & Chau, P. Y. K. (2014). Development and validation of instruments of information security deviant behavior. Decision Support Systems, 66, 93–101.CrossRef

Chu, A. M. Y., Chau, P. Y. K., & So, M. K. P. (2015a). Explaining the misuse of information systems resources in the workplace: A dual-process approach. Journal of Business Ethics, 131(1), 209–225.CrossRef

Chu, A. M. Y., Chau, P. Y. K., & So, M. K. P. (2015b). Developing a typological theory using a quantitative approach: A case of information security deviant behavior. Communications of the Association for Information Systems, 131(1), 25.

D’Arcy, J., & Devaraj, S. (2012). Employee misuse of information technology resources: Testing a contemporary deterrence model. Decision Sciences, 43(6), 1091–1124.CrossRef

D’Arcy, J., & Hovav, A. (2007a). Deterring internal information systems misuse. Communications of the ACM, 50(10), 113–117.CrossRef

D’Arcy, J., & Hovav, A. (2007b). Towards a best fit between organizational security countermeasures and information systems misuse behaviors. Journal of Information System Security, 3(2), 3–31.

D’Arcy, J., & Hovav, A. (2009). Does one size fit all? Examining the differential effects of IS security countermeasures. Journal of Business Ethics, 89(Supplement 1), 59–71.CrossRef

D’Arcy, J., Hovav, A., & Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79–98.CrossRef

Dalton, D. R., Daily, C. M., & Wimbush, J. C. (1997). Collecting “sensitive” data in business ethics research: A case for the unmatched count technique (UCT). Journal of Business Ethics, 16(10), 1049–1057.CrossRef

Eichhorn, B. H., & Hayre, L. S. (1983). Scrambled randomized response methods for obtaining sensitive quantitative data. Journal of Statistical Planning and Inference, 7(4), 307–316.CrossRef

Ernst and Young. (2014). Get ahead of cybercrime: EY’s global information security survey. http://www.ey.com/Publication/vwLUAssets/EY-global-information-security-survey-2014/$FILE/EY-global-information-security-survey-2014.pdf.

Fidler, D. S., & Kleinknecht, R. E. (1977). Randomized response versus direct questioning: Two data-collection methods for sensitive information. Psychological Bulletin, 84(5), 1045–1049.CrossRef

Fisher, R. J. (1993). Social desirability bias and the validity of indirect questioning. Journal of Consumer Research, 20(2), 303–315.CrossRef

Frost and Sullivan. (2015). The 2015 (ISC)² global information security workforce study. https://www.isc2cares.org/uploadedFiles/wwwisc2caresorg/Content/GISWS/FrostSullivan-(ISC)%C2%B2-Global-Information-Security-Workforce-Study-2015.pdf.

Geerken, M. R., & Gove, W. R. (1975). Deterrence: Some theoretical considerations. Law and Society Review, 9(3), 497–513.CrossRef

Goodstadt, M. S., & Gruson, V. (1975). The randomized response technique: A test on drug use. Journal of the American Statistical Association, 70, 814–818.CrossRef

Greenberg, B. G., Abul-Ela, A. A., Simmons, W. R., & Horvitz, D. G. (1969). The unrelated question randomized response model: Theoretical framework. Journal of the American Statistical Association, 64, 520–539.CrossRef

Greenberg, B. G., Kuebler, R. R., Abernathy, J. R., & Horvitz, D. G. (1971). Application of the randomized response technique in obtaining quantitative data. Journal of the American Statistical Association, 66, 243–250.CrossRef

Guo, K. H., Yuan, Y., Archer, N. P., & Connelly, C. E. (2011). Understanding nonmalicious security violations in the workplace: A composite behavior model. Journal of Management Information Systems, 28(2), 203–236.CrossRef

Gupta, S., Gupta, B., & Singh, S. (2002). Estimation of sensitivity level of personal interview survey questions. Journal of Statistical Planning and Inference, 100(2), 239–247.CrossRef

Harrington, S. J. (1996). The effect codes of ethics and personal denial of responsibility on computer abuse judgments and intentions. MIS Quarterly, 20(3), 257–278.CrossRef

Hoonakker, P., Bornoe, N., & Carayon, P. (2009). Password authentication from a human factors perseptive: Results of a survey among end-users. Proceedings of the 53rd annual meeting of the human factors and ergonomics society annual meeting, 53(6) (pp. 459–463).

Hovav, A., & D’Arcy, J. (2012). Applying an extended model of deterrence across cultures: An investigation of information systems misuse in the US and South Korea. Information & Management, 49(2), 99–110.CrossRef

Hu, Q., Xu, Z., Dinev, T., & Ling, H. (2011). Does deterrence work in reducing information security policy abuse by employees? Communications of the ACM, 54(6), 54–60.CrossRef

Kotulic, A. G., & Clark, J. G. (2004). Why there aren’t more information security research studies. Information & Management, 41(5), 597–607.CrossRef

Kwan, S. S. K., So, M. K. P., & Tam, K. Y. (2010). Applying the randomized response technique to elicit truthful responses to sensitive questions in IS research: The case of software piracy behavior. Information System Research, 21(4), 941–959.CrossRef

Lee, S. M., Lee, S.-G., & Yoo, S. (2004). An integrative model of computer abuse based on social control and general deterrence theories. Information & Management, 41(6), 707–718.CrossRef

Lee, Y., Lee, Z., & Kim, Y. (2007). Understanding personal web usage in organizations. Journal of Organizational Computing and Electronic Commerce, 17(1), 75–99.

Liao, Q., Luo, X., Gurung, A., & Li, L. (2009). Workplace management and employee misuse: Does punishment matter? Journal of Computer Information Systems, 50(2), 49–59.

Lim, V. K. (2002). The IT way of loafing on the job: Cyberloafing, neutralizing and organizational justice. Journal of Organizational Behavior, 23(5), 675–694.CrossRef

Locander, W., Sudman, S., & Bradurn, N. (1976). An investigation of interview method, threat and response distortion. Journal of the American Statistical Association, 71, 269–275.CrossRef

Long, J. S. (1983). Covariance structure models: An introduction to LISREL. Beverly Hills, CA: Sage.CrossRef

Lowry, P. B., Moody, G., Galletta, D., & Vance, A. (2012). The drivers in the use of online whistle-blowing reporting system. Journal of Management Information Systems, 20(1), 153–177.CrossRef

Mahmood, M. A., Siponen, M., Straub, D., & Rao, H. R. (2010). Moving toward black hat research in information systems security: An editorial introduction to the special issue. MIS Quarterly, 34(3), 431–433.CrossRef

Peace, A. G., Galletta, D. F., & Thong, J. Y. L. (2003). Software piracy in the workplace: A model and empirical test. Journal of Management Information Systems, 20(1), 153–177.CrossRef

Pearson, F. S., & Weiner, N. A. (1985). Toward an integration of criminological theories. Journal of Criminal Law and Criminology, 76(1), 116–150.CrossRef

Pee, L. G., Woon, I. M. Y., & Kankanhalli, A. (2008). Explaining non-work-related computing in the workplace: A comparison of alternative models. Information & Management, 45(2), 120–130.CrossRef

Pollock, K. H., & Bek, Y. (1976). A comparison of three randomized response models for quantitative data. Journal of the American Statistical Association, 71, 884–886.CrossRef

Posey, C., Bennett, R. J., & Roberts, T. L. (2011a). Understanding the mindset of the abusive insider: An examination of insiders’ causal reasoning following internal security changes. Computers & Security, 30(6), 486–497.CrossRef

Posey, C., Bennett, R. J., Roberts, T. L., & Lowry, P. B. (2011b). When computer monitoring backfires: Privacy invasions and organizational injustice as precursors to computer abuse. Journal of Information Systems Security, 7(1), 24–47.

Randall, D. M., & Gibson, A. M. (1990). Methodology in business ethics research: A review and critical assessment. Journal of Business Ethics, 9(6), 457–471.CrossRef

Siponen, M., & Vance, A. (2010). Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487–502.CrossRef

Siponen, M., Willison, R., & Baskerville, R. (2008). Power and practice in information systems security research. Proceedings of the international conference on information systems (paper 26). Paris, Association for Information Systems.

Stanton, J. M., Stam, K. R., Mastrangelo, P., & Jolton, J. (2005). Analysis of end user security behavior. Computers & Security, 24(2), 124–133.CrossRef

Stem, D. E., Jr., & Steinhorst, R. K. (1984). Telephone interview and mail questionnaire applications of the randomized response model. Journal of the American Statistical Association, 79, 555–564.CrossRef

Straub, D. W., Jr. (1990). Effective IS security: An empirical study. Information Systems Research, 1(3), 255–276.CrossRef

Straub, D. W., Jr., & Nance, W. D. (1990). Discovering and disciplining computer abuse in organizations: A field study. MIS Quarterly, 14(1), 45–60.CrossRef

van den Hout, A., & Kooiman, P. (2006). Estimating the linear regression model with categorical covariates subject to randomized response. Computational Statistics & Data Analysis, 50(11), 3311–3323.CrossRef

Vance, A., & Siponen, M. (2012). IS security policy violations: A rational choice perspective. Journal of Organizational and End User Computing, 24(1), 21–41.CrossRef

Vitak, J., Crouse, J., & LaRose, R. (2011). Personal internet use at work: Understanding cyberslacking. Computers in Human Behavior, 27(5), 1751–1759.CrossRef

Warner, S. L. (1965). Randomized response: A survey technique for eliminating evasive answer bias. Journal of the American Statistical Association, 60, 63–69.CrossRef

Webster, J., & Watson, R. T. (2002). Analyzing the past to prepare for the future: Writing a literature review. MIS Quarterly, 26(2), 13–23.

Willison, R., & Siponen, M. (2009). Overcoming the insider: Reducing employee computer crime through situational crime prevention. Communications of the ACM, 52(9), 133–137.CrossRef

Workman, M., Bommer, W. H., & Straub, D. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799–2816.CrossRef

Zdep, S. M., & Rhodes, I. N. (1976). Making the randomized response technique work. Public Opinion Quarterly, 40(4), 531–537.CrossRef

Titel: Applying the Randomized Response Technique in Business Ethics Research: The Misuse of Information Systems Resources in the Workplace
verfasst von: Amanda M. Y. Chu
Mike K. P. So
Ray S. W. Chung
Publikationsdatum: 01.07.2016
Verlag: Springer Netherlands
Erschienen in: Journal of Business Ethics / Ausgabe 1/2018
Print ISSN: 0167-4544
Elektronische ISSN: 1573-0697
DOI: https://doi.org/10.1007/s10551-016-3240-5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2018

Apple: Good Business, Poor Citizen?

Both Sides of the Coin: Motives for Corruption Among Public Officials and Business Employees

The Impact of Financial Incentives and Perceptions of Seriousness on Whistleblowing Intention

Goffman’s Return to Las Vegas: Studying Corruption as Social Interaction

Remarks on Lydenberg’s “Reason, Rationality and Fiduciary Duty”

Anger Strays, Fear Refrains: The Differential Effect of Negative Emotions on Consumers’ Ethical Judgments

Premium Partner