File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1111/isj.12063
- Scopus: eid_2-s2.0-84926407439
- WOS: WOS:000352624400003
- Find via
Supplementary
- Citations:
- Appears in Collections:
Article: Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust
| Title | Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust |
|---|---|
| Authors | |
| Keywords | Fairness theory (FT) Security education, training, and awareness (SETA) Security Reactive computer abuse (CA) Reactance theory (RT) Organisational trust Organisation communication Explanation adequacy (EA) Deterrence theory (DT) Deterrence Counterfactual reasoning |
| Issue Date | 2015 |
| Citation | Information Systems Journal, 2015, v. 25, n. 3, p. 193-273 How to Cite? |
| Abstract | © 2015 Wiley Publishing Ltd.Research shows that organisational efforts to protect their information assets from employee security threats do not always reach their full potential and may actually encourage the behaviours they attempt to thwart, such as reactive computer abuse (CA). To better understand this dilemma, we use fairness theory (FT) and reactance theory (RT) to explain why employees may blame organisations for and retaliate against enhanced information security policies (ISPs). We tested our model with 553 working professionals and found support for most of it. Our results show that organisational trust can decrease reactive CA. FT suggests that explanation adequacy (EA) is an important factor that builds trust after an event. Our results also suggest that trust both fully mediates the relationship between EA and CA and partially mediates the relationship between perceived freedom restrictions related to enhanced ISPs and reactive CA. EA also had a strong negative relationship with freedom restrictions. Moreover, organisational security education, training and awareness (SETA) initiatives decreased the perceptions of external control and freedom restrictions and increased EA, and advance notification of changes increased EA. We also included 14 control variables and rival explanations to determine with more confidence what drove reactive CA in our context. Notably, the deterrence theory (DT)-based constructs of sanction severity, certainty and celerity had no significant influence on reactive CA. We provide support for the importance of respectful communication efforts and SETA programmes, coupled with maximising employee rights and promoting trust and fairness to decrease reactive CA. These efforts can protect organisations from falling victim to their own organisational security efforts. |
| Persistent Identifier | http://hdl.handle.net/10722/233748 |
| ISSN | 2023 Impact Factor: 6.5 2023 SCImago Journal Rankings: 2.768 |
| ISI Accession Number ID |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Lowry, Paul Benjamin | - |
| dc.contributor.author | Posey, Clay | - |
| dc.contributor.author | Bennett, Rebecca (Becky) J | - |
| dc.contributor.author | Roberts, Tom L. | - |
| dc.date.accessioned | 2016-09-27T07:21:32Z | - |
| dc.date.available | 2016-09-27T07:21:32Z | - |
| dc.date.issued | 2015 | - |
| dc.identifier.citation | Information Systems Journal, 2015, v. 25, n. 3, p. 193-273 | - |
| dc.identifier.issn | 1350-1917 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/233748 | - |
| dc.description.abstract | © 2015 Wiley Publishing Ltd.Research shows that organisational efforts to protect their information assets from employee security threats do not always reach their full potential and may actually encourage the behaviours they attempt to thwart, such as reactive computer abuse (CA). To better understand this dilemma, we use fairness theory (FT) and reactance theory (RT) to explain why employees may blame organisations for and retaliate against enhanced information security policies (ISPs). We tested our model with 553 working professionals and found support for most of it. Our results show that organisational trust can decrease reactive CA. FT suggests that explanation adequacy (EA) is an important factor that builds trust after an event. Our results also suggest that trust both fully mediates the relationship between EA and CA and partially mediates the relationship between perceived freedom restrictions related to enhanced ISPs and reactive CA. EA also had a strong negative relationship with freedom restrictions. Moreover, organisational security education, training and awareness (SETA) initiatives decreased the perceptions of external control and freedom restrictions and increased EA, and advance notification of changes increased EA. We also included 14 control variables and rival explanations to determine with more confidence what drove reactive CA in our context. Notably, the deterrence theory (DT)-based constructs of sanction severity, certainty and celerity had no significant influence on reactive CA. We provide support for the importance of respectful communication efforts and SETA programmes, coupled with maximising employee rights and promoting trust and fairness to decrease reactive CA. These efforts can protect organisations from falling victim to their own organisational security efforts. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Information Systems Journal | - |
| dc.subject | Fairness theory (FT) | - |
| dc.subject | Security education, training, and awareness (SETA) | - |
| dc.subject | Security | - |
| dc.subject | Reactive computer abuse (CA) | - |
| dc.subject | Reactance theory (RT) | - |
| dc.subject | Organisational trust | - |
| dc.subject | Organisation communication | - |
| dc.subject | Explanation adequacy (EA) | - |
| dc.subject | Deterrence theory (DT) | - |
| dc.subject | Deterrence | - |
| dc.subject | Counterfactual reasoning | - |
| dc.title | Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust | - |
| dc.type | Article | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1111/isj.12063 | - |
| dc.identifier.scopus | eid_2-s2.0-84926407439 | - |
| dc.identifier.volume | 25 | - |
| dc.identifier.issue | 3 | - |
| dc.identifier.spage | 193 | - |
| dc.identifier.epage | 273 | - |
| dc.identifier.eissn | 1365-2575 | - |
| dc.identifier.isi | WOS:000352624400003 | - |
| dc.identifier.issnl | 1350-1917 | - |