Purpose -This study aims to identify antecedents to noncompliance behavior influenced by decision contexts where investments in time, effort and resources are devoted to a taskreferred to as a task unlikely to be completed without violating the organization's information security policy (ISP).Design/methodology/approach -An empirical test of the suggested relationships in the proposed model was conducted through a field study using the survey method for data collection. Pre-tests, pre-study, main study and a follow-up study compose the frame of our methodology where more than 500 respondents are involved across different organizations.Findings -The results confirm that the antecedents that explain the escalation of commitment behavior in terms of the effect of lost assets, such as time, effort and other resources, give us a new lens to understand noncompliance behavior; employees seem to escalate their commitments to the completion of their tasks at the expense of becoming noncompliant with ISP.Research limitations/implications -One of the key areas that requires further attention from this study is to better understand the role of risk perceptions on employee behavior when dealing with value conflicts. Depending on how risk-averse or risk seeking an employee is, the model showed no significant support in either case to influence their noncompliance behavior. The authors therefore argue that employees' noncompliance may be influenced by more powerful beliefs, such as self-justification and sunk costs.Practical implications -The results show that when employees are caught in tasks undergoing difficulties, they are more likely to increase noncompliance behavior. By understanding better how project obstacles result in such tasks, security managers can define new mechanisms to counter employees' shift from compliance to noncompliance.Social implications -Apart from encouraging compliance with enforcement mechanisms (using direct behavioral controls like sanctions or rewards), indirect behavior controls may also encourage compliance. The authors suggest that the ISPs should state that the organization would take positive actions toward task completion and help their employees to resolve their problems quickly.Originality/value -This study is the first to tackle escalation of commitment theories and use antecedents that explain the effect of lost assets, such as time, effort and other resources can also explain noncompliance with ISP in terms of the value conflicts, where employees would often choose to forego compliance at the expense of finishing their tasks.
It has been widely known that employees pose insider threats to the information and technology resources of an organization. In this paper, we develop a model to explain insiders' intentional violation of the requirements of an information security policy. We propose sunk cost as a mediating factor. We test our research model on data collected from three information-intensive organizations in banking and pharmaceutical industries (n=502). Our results show that sunk cost acts as a mediator between the proposed antecedents of sunk cost (i.e., completion effect and goal incongruency) and intentions to violate the ISP. We discuss the implications of our results for developing theory and for re-designing current security agendas that could help improve compliance behavior in the future.
Abstract. This study investigates the phenomenon of the lack of needed information, predominantly experienced through difficulties in human, social and industrial affairs. The key concern is, thus, to understand what really causes the lack of needed information. Answers to this concern have been provided from an array of studies mostly focused in the area of information management. However, the literature shows that there is no comprehensive a priori theory to guide an empirical investigation on this matter. Thus, the empirical investigation conducted here is based on grounded theory approach that investigates fifty cases, where the lack of needed information is clearly manifested. The empirical investigation suggests that the phenomenon of the lack of needed information seems to emerge because of diverse factors, ranging from political and cultural structures, through human individual capabilities, and ending with procedural and technological artefacts. The results present an initial outline for a possible future theory of information inadequacy.
Although Big Data generates many benefits for individuals, organizations and society, significant ethical issues are forcing governments to review their regulations so that citizens' rights are protected. Given these ethical issues and a gradual increase of awareness about them, individuals are in need of new technical solutions to engage with organizations that extract value from Big Data. Currently, available solutions do not adequately accommodate the conflicting interests of individuals and organizations. In this paper, we propose a conceptual design for an artifact that will raise awareness amongst individuals about Big Data ethical issues and help to restore the power balance between individuals and organizations. Furthermore, we set forward a design agenda outlining future activities towards building and evaluating our proposed artifact. Our work is grounded in discourse ethics and stakeholder theory and intertwined with the European General Data Protection Regulation (GDPR).
Information asymmetry is a problem that prevents communication processes to be effective in the digital economy. In this paper, we propose a model for understanding information asymmetry. Our analyses are conducted using the newspaper industry, the healthcare sector, and the stock exchange market. These analyses are examined using theories of communication processes in which two or more actors are necessary to engage in activities of information exchange. The study of these three examples resulted in the identification of four information exchange patterns: influenced, intentional, hindered, and unawares. Furthermore, we discuss implications of the model for information exchange in practice. The paper concludes by challenging sustainability in the digital economy, which remains problematic and difficult to achieve.
This final Chapter represents the responsibility, the privilege but also the aspiration of the two editors of this Gunilla Bradley Festschrift. The aspiration here is no less than to identify a key message that emerges out of the contributions in this volume considered as a whole. In other words, the question here is: what do all this research and reasoning say to us? Of course, each reader of this Volume will derive her or his own interpretation and thus also a key message, which we only see as the richness offered by this Festschrift. Therefore, the key message presented here must be regarded only as one possible message that is formed by the two editors’ own predispositions: intellectual, cultural, motivational, and other.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.