Reference Hub

This research has been cited in:

Article
Applying the Randomized Response Technique in Business Ethics Research: The Misuse of Information Systems Resources in the WorkplaceJournal of Business Ethics10.1007/s10551-016-3240-5
Article
Moving beyond cyber security awareness and training to engendering security knowledge sharingInformation Systems and e-Business Management10.1007/s10257-022-00575-2
Article
An examination of factors that influence the number of information security policy violations in Qatari organizationsInformation & Computer Security10.1108/ICS-03-2014-0018
Chapter
Neural Activity Related to Information Security Decision Making: Effects of Who Is Rewarded and When the Reward Is ReceivedInformation Systems and Neuroscience10.1007/978-3-030-01087-4_3
Article
Peers matter: The moderating role of social influence on information security policy complianceInformation Systems Journal10.1111/isj.12271
Article
Voluntary and instrumental information security policy compliance: an integrated view of prosocial motivation, self-regulation and deterrenceComputers & Security10.1016/j.cose.2021.102568
Article
Information Security Policy Compliance: Leadership, Trust, Role Values, and AwarenessJournal of Computer Information Systems10.1080/08874417.2019.1668738
Article
Creating compliance value through informal work proceduresCogent Social Sciences10.1080/23311886.2018.1551828
Conference
Assessing Sunk Cost Effect on Employees' Intentions to Violate Information Security Policies in Organizations2014 47th Hawaii International Conference on System Sciences10.1109/HICSS.2014.393
Article
Bring your own device in organizations: Extending the reversed IT adoption logic to security paradoxes for CEOs and end usersInternational Journal of Information Management10.1016/j.ijinfomgt.2018.07.007
Article
A Configurational Analysis of the Causes of Consumer Indirect Misbehaviors in Access-Based ConsumptionJournal of Business Ethics10.1007/s10551-020-04637-8
Conference
Evolvement of Information Security Research on Employees' Behavior: A Systematic Review and Future Direction2015 48th Hawaii International Conference on System Sciences10.1109/HICSS.2015.508
Article
Safety-Specific Passive-Avoidant Leadership and Safety Compliance among Chinese Steel Workers: The Moderating Role of Safety Moral Belief and Organizational SizeInternational Journal of Environmental Research and Public Health10.3390/ijerph18052700
Article
New insights into the problem of software piracy: The effects of neutralization, shame, and moral beliefsInformation & Management10.1016/j.im.2012.06.004
Article
Stress-based security compliance model – an exploratory studyInformation & Computer Security10.1108/ICS-10-2014-0067
Article
Neural variability fingerprint predicts individuals’ information security violation intentionsFundamental Research10.1016/j.fmre.2021.10.002
Article
The quest for complete security: An empirical analysis of users’ multi-layered protection from security threatsInformation Systems Frontiers10.1007/s10796-017-9755-1
Article
Cognitive‐affective drivers of employees' daily compliance with information security policies: A multilevel, longitudinal studyInformation Systems Journal10.1111/isj.12173
Article
“THAT’S HOW THEY TAUGHT US TO DO IT”: Learned Deviance and Inadequate Deterrents in Retail BankingDeviant Behavior10.1080/01639625.2017.1286179
Article
Employee responses to information security related stress: Coping and violation intentionInformation Systems Journal10.1111/isj.12417
Article
Behavioural threshold analysis: methodological and practical considerations for applications in information securityBehaviour & Information Technology10.1080/0144929X.2019.1569163
Article
Information security burnout: Identification of sources and mitigating factors from security demands and resourcesJournal of Information Security and Applications10.1016/j.jisa.2019.03.012
Article
Proposing the control‐reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policiesInformation Systems Journal10.1111/isj.12043
Article
Exploring the effects of organizational justice, personal ethics and sanction on internet use policy complianceInformation Systems Journal10.1111/isj.12037
Article
Using event-related brain potentials to explore the temporal dynamics of decision-making related to information securityFrontiers in Neuroscience10.3389/fnins.2022.878248
Article
Factors influencing the information security behaviour of IT employeesBehaviour & Information Technology10.1080/0144929X.2019.1623322
Article
Information protection behaviors: morality and organizational criticalityInformation & Computer Security10.1108/ICS-07-2018-0092
Article
Protecting intellectual property from insider threatsJournal of Intellectual Capital10.1108/JIC-05-2019-0096
Article
IS professionals’ information security behaviors in Chinese IT organizations for information security protectionInformation Processing & Management10.1016/j.ipm.2021.102744
Article
Explaining Organizational Employee Computer Abuse Through an Extended Health Belief ModelSSRN Electronic Journal10.2139/ssrn.3070823
Article
Organizational Information Security Management for Sustainable Information Systems: An Unethical Employee Information Security Behavior PerspectiveSustainability10.3390/su12083163
Article
Organizational information security policies: a review and research frameworkEuropean Journal of Information Systems10.1057/s41303-017-0059-9
Article
Using Rational Choice Theory to Explore Factors Impacting Contact Tracing Application AdoptionInformation Systems Management10.1080/10580530.2023.2196454
Article
Understanding personal use of the Internet at work: An integrated model of neutralization techniques and general deterrence theoryComputers in Human Behavior10.1016/j.chb.2014.05.043
Article
The effects of moral disengagement and organizational ethical climate on insiders’ information security policy violation behaviorInformation Technology & People10.1108/ITP-12-2017-0421
Article
Perceptions of organizational culture and value conflicts in information security managementInformation & Computer Security10.1108/ICS-08-2017-0058
Article
Cyberloafing in the workplace: mitigation tactics and their impact on individuals’ behaviorInformation Technology and Management10.1007/s10799-017-0280-1
Chapter
Health Belief Model and Organizational Employee Computer AbuseHCI in Business, Government, and Organizations10.1007/978-3-319-91716-0_15
Article
Privacy and Security in Cognitive Cities: A Systematic ReviewApplied Sciences10.3390/app11104471
Article
A Study of the Factors that Influence the Information Security Policy Compliance of Employees in Financial FirmsJournal of Korea Service Management Society10.15706/jksms.2013.14.1.007
Article
Self-control, organizational context, and rational choice in Internet abuses at workInformation & Management10.1016/j.im.2017.09.002
Article
Information security: Listening to the perspective of organisational insidersJournal of Information Science10.1177/0165551517748288
Article
An exploratory examination of organizational insiders’ descriptive and normative perceptions of cyber-relevant rights and responsibilitiesComputers & Security10.1016/j.cose.2020.102038
Article
Information security policy compliance: a higher education case studyInformation & Computer Security10.1108/ICS-09-2016-0073
Article
Information system security policy noncompliance: the role of situation-specific ethical orientationInformation Technology & People10.1108/ITP-03-2019-0109
Article
Internal and external drivers for compliance with the COVID-19 preventive measures in Slovenia: The view from general deterrence and protection motivationPLOS ONE10.1371/journal.pone.0259675
Article
Theorizing the Behavioral Effects of Control Complementarity in Security Control PortfoliosInformation Systems Frontiers10.1007/s10796-021-10113-z
Article
Predicting Compliance of Security Policies: Norms and SanctionsJournal of Computer Information Systems10.1080/08874417.2023.2241413
Chapter
Information Systems SecurityWiley Encyclopedia of Management10.1002/9781118785317.weom070025
Article
Cyber–Information Security Compliance and Violation Behaviour in Organisations: A Systematic ReviewSocial Sciences10.3390/socsci11090386
Conference
Implement a Model for Describing and Maximising Security Knowledge Sharing2020 15th International Conference for Internet Technology and Secured Transactions (ICITST)10.23919/ICITST51030.2020.9351318
Article
Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: an empirical study of the influence of counterfactual reasoning and organisational trustInformation Systems Journal10.1111/isj.12063
Article
Predicting communication constructs towards determining information security policies complianceSA Journal of Information Management10.4102/sajim.v22i1.1211
Article
Common Misunderstandings of Deterrence Theory in Information Systems Research and Future Research DirectionsACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/3514097.3514101
Article
Neural correlates of decision making related to information security: Self-control and moral potencyPLOS ONE10.1371/journal.pone.0221808
Article
Identifying the idiosyncrasies of behavioral information security discourse and proposing future research directions: A Foucauldian perspectiveJournal of Information Technology10.1177/02683962231181146
Article
Examining the Boundary Effect of Information Systems Security Behavior Under Different Usage PurposesIEEE Access10.1109/ACCESS.2019.2949079
Article
Cybersecurity compliance behavior: Exploring the influences of individual decision style and other antecedentsInternational Journal of Information Management10.1016/j.ijinfomgt.2019.102056
Article
A taxonomy of cybercrime: Theory and designInternational Journal of Accounting Information Systems10.1016/j.accinf.2020.100467
Chapter
The Association Between Information Security and Reward ProcessingInformation Systems and Neuroscience10.1007/978-3-030-60073-0_35
Article
Designing an incentive mechanism for information security policy compliance: An experimentJournal of Economic Behavior & Organization10.1016/j.jebo.2023.05.033
Article
Workarounds and trade-offs in information security – an exploratory studyInformation & Computer Security10.1108/ICS-02-2016-0017
Article
Motivating information security policy compliance: The critical role of supervisor-subordinate guanxi and organizational commitmentInternational Journal of Information Management10.1016/j.ijinfomgt.2020.102152
Chapter
Behavioral Information Security ManagementComputing Handbook, Third Edition10.1201/b16768-62
Article
Human and contextual factors influencing cyber-security in organizations, and implications for higher education institutions: a systematic reviewGlobal Knowledge, Memory and Communication10.1108/GKMC-12-2021-0209
Conference
Designing Effective Knowledge Transfer Practices to Improve IS Security Awareness and Compliance2014 47th Hawaii International Conference on System Sciences10.1109/HICSS.2014.427
Article
Information Security Policy ComplianceSSRN Electronic Journal 10.2139/ssrn.3252742
Article
The role of ethical climates in employee information security policy violationsDecision Support Systems10.1016/j.dss.2023.114086
Article
Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theoryComputers & Security10.1016/j.cose.2013.09.009
Article
Are users competent to comply with information security policies? An analysis of professional competence modelsInformation Technology & People10.1108/ITP-02-2017-0052
Article
Response biases in policy compliance researchInformation & Computer Security10.1108/ICS-02-2019-0025
Chapter
Fortifying Corporate Human WallInformation Technology Risk Management and Compliance in Modern Organizations10.4018/978-1-5225-2604-9.ch006
Article
Exploring the Effect of Knowledge Transfer Practices on User Compliance to IS Security PracticesInternational Journal of Knowledge Management10.4018/ijkm.2014040105
Chapter
Information Security Program Effectiveness in OrganizationsStandards and Standardization10.4018/978-1-4666-8111-8.ch035
Article
Modelling the Impact of Administrative Access Controls on Technical Access Control MeasuresInformation Resources Management Journal10.4018/IRMJ.2017100104
Article
Protective Measures and Security Policy Non-Compliance IntentionJournal of Organizational and End User Computing10.4018/JOEUC.2019010101
Article
Security-Aware Autonomic Allocation of Cloud ResourcesJournal of Organizational and End User Computing10.4018/JOEUC.2020070102
Article
Information Security Program Effectiveness in OrganizationsJournal of Organizational and End User Computing10.4018/joeuc.2014010102
Article
Explaining Users' Security Behaviors with the Security Belief ModelJournal of Organizational and End User Computing10.4018/joeuc.2014070102
Article
End User Security Training for Identification and Access ManagementJournal of Organizational and End User Computing10.4018/joeuc.2013100104

IS Security Policy Violations: A Rational Choice Perspective

Anthony Vance, Mikko T. Siponen

Source Title: Journal of Organizational and End User Computing (JOEUC)24(1)

ISSN: 1546-2234|EISSN: 1546-5012|EISBN13: 9781466610330|DOI: 10.4018/joeuc.2012010102

Cite Article Cite Article

MLA

Vance, Anthony, and Mikko T. Siponen. "IS Security Policy Violations: A Rational Choice Perspective." JOEUC vol.24, no.1 2012: pp.21-41. http://doi.org/10.4018/joeuc.2012010102

APA

Vance, A. & Siponen, M. T. (2012). IS Security Policy Violations: A Rational Choice Perspective. Journal of Organizational and End User Computing (JOEUC), 24(1), 21-41. http://doi.org/10.4018/joeuc.2012010102

Chicago

Vance, Anthony, and Mikko T. Siponen. "IS Security Policy Violations: A Rational Choice Perspective," Journal of Organizational and End User Computing (JOEUC) 24, no.1: 21-41. http://doi.org/10.4018/joeuc.2012010102

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

Employee violations of IS security policies are reported as a key concern for organizations. Although behavioral research on IS security has received increasing attention from IS scholars, little empirical research has examined this problem. To address this research gap, the authors test a model based on Rational Choice Theory (RCT)—a prominent criminological theory not yet applied in IS—which explains, in terms of a utilitarian calculation, an individual’s decision to commit a violation. Empirical results show that the effects of informal sanctions, moral beliefs, and perceived benefits convincingly explain employee IS security policy violations, while the effect of formal sanctions is insignificant. Based on these findings, the authors discuss several implications for research and practice.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

IS Security Policy Violations: A Rational Choice Perspective

MLA

APA

Chicago

Export Reference

Abstract

Request Access