Effects of Sanctions, Moral Beliefs, and Neutralization on Information Security Policy Violations Across Cultures
Vance, A., Boyer Fellow, S. J., Siponen, M. T., & Straub, D. W. (2020). Effects of Sanctions, Moral Beliefs, and Neutralization on Information Security Policy Violations Across Cultures. Information and Management, 57(4), Article 103212. https://doi.org/10.1016/j.im.2019.103212
Published inInformation and Management
Embargoed until: 2023-07-01Request copy from author
© 2020 Elsevier Inc
A principal concern of organizations is the failure of employees to comply with information security policies (ISPs). Deterrence theory is one of the most frequently used theories for examining ISP violations, yet studies using this theory have produced mixed results. Past research has indicated that cultural differences may be one reason for these inconsistent findings and have hence called for cross-cultural research on deterrence in information security. To address this gap, we formulated a model including deterrence, moral beliefs, shame, and neutralization techniques and tested it with the employees from 48 countries working for a large multinational company.
Publication in research information system
MetadataShow full item record
Showing items with similar title or keywords.
Niemimaa, Marko; Niemimaa, Elina (Taylor & Francis, 2019)Developing organisational information security (InfoSec) policies that account for international best practices but are contextual is as much an opportunity for improving InfoSec as it is a challenge. Previous research ...
Common Misunderstandings of Deterrence Theory in Information Systems Research and Future Research Directions Siponen, Mikko; Soliman, Wael; Vance, Anthony (ACM, 2022)In the 1980s, information systems (IS) borrowed deterrence theory (DT) from the field of criminology to explain information security behaviors (or intention). Today, DT is among the most commonly used theories in IS security ...
Investigating the Impact of Organizational Culture on Information Security Policy Compliance : The Case of Ethiopia Ejigu, Kibrom Tadesse; Siponen, Mikko; Arage, Tilahun Muluneh (Association for Information Systems, 2021)Information security is one of the organizations' top agendas worldwide. Similarly, there is a growing trend in the kinds and rate of security breaches. Information security experts and scholars concentrate on outsiders' ...
Wu, Shan (2016)This thesis aims to have an overview of the current studies in the development of information security policy. The research is based on a systematical literature review. The study focuses on the development process of ...
Siponen, Mikko; Puhakainen, Petri; Vance, Anthony (Elsevier Advanced Technology, 2020)Individuals’ lack of adherence to password security policy is a persistent problem for organizations. This problem is especially worrisome because passwords remain the primary authentication mechanism for information ...