Understanding information security behavioral intentions: A Deterrence Approach

• Main Authors: Pei-Ting Kao, 高珮庭
• Other Authors: 施盛寶
• Format: Others
• Language: zh-TW
• Published: 2012
• Online Access: http://ndltd.ncl.edu.tw/handle/47384411887539612382

碩士 === 淡江大學 === 資訊管理學系碩士班 === 100 === In the dynamic enterprise environment, information technology infrastructure and the computers in organizations often suffer from security threats. In addition to the research on information security technology, many literatures have studied information security from management side, such as managing the information security behavior of employees to ensure internal information security of the organizations. Deterrence theory, therefore, has been employed to investigate employees’ information security behavior. However, these researches showed inconsistent results that perceived severity and perceived certainty may not both affect individuals’ behaviors because of the contextual effects influenced by the individual or environmental factors. Draw on this issue, based on the social influence theory proposed by Kelman, this study tend to understand the effects of the employees’ organizational commitment on the relations between the deterrence and employees’ information security behavior intention. We collected 168 samples from top 500 service companies on the list of CommonWealth magazine in 2011. The results showed that severity of punishment and certainty of detection had positive effects on employees’ information security behavior intention. In addition, employees'' psychological aspects of organizational commitment enhanced the effects of deterrence on information security behavior intention. From this study, we implied that management has to notice the psychological part of employees’ commitment to the organizations when introducing disciplinary actions in companies.