dc.contributor.author | Soliman, Wael | |
dc.contributor.author | Mohammadnazar, Hojat | |
dc.date.accessioned | 2022-01-18T07:16:25Z | |
dc.date.available | 2022-01-18T07:16:25Z | |
dc.date.issued | 2022 | |
dc.identifier.citation | Soliman, W., & Mohammadnazar, H. (2022). New Insights into the Justifiability of Organizational Information Security Policy Noncompliance : A Case Study. In <i>Proceedings of the 55th Hawaii International Conference on System Sciences (HICSS 2022)</i> (pp. 6812-6821). University of Hawai'i at Manoa. Proceedings of the Annual Hawaii International Conference on System Sciences. <a href="https://doi.org/10.24251/HICSS.2022.823" target="_blank">https://doi.org/10.24251/HICSS.2022.823</a> | |
dc.identifier.other | CONVID_103895825 | |
dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/79384 | |
dc.description.abstract | Information security policies as apparatus for communicating security principles with employees are the cornerstone of organizational information security. Resultantly, extant literature has looked at different theories to better understand the noncompliance problem. Neutralization theory is emerging as one of the most popular approaches, not only as an explanation but also as a solution. In this in-depth qualitative study, we ask the question ‘how do employees justify violating the ISP’? Our findings reveal nine rationalizing techniques, three of which have not been recognized in previous research. We label them ‘I follow my own rules’, ‘matter of mere legality’ and ‘defense of uniqueness’. But more importantly, our in-depth insights point to the danger of taking these rationalizations out of context, since without context, it becomes impossible to judge whether the behavior or the rule, needs correcting, reflecting a dilemma recognized in the original writing of neutralization theory, which has since been forgotten. | en |
dc.format.mimetype | application/pdf | |
dc.language.iso | eng | |
dc.publisher | University of Hawai'i at Manoa | |
dc.relation.ispartof | Proceedings of the 55th Hawaii International Conference on System Sciences (HICSS 2022) | |
dc.relation.ispartofseries | Proceedings of the Annual Hawaii International Conference on System Sciences | |
dc.relation.uri | http://hdl.handle.net/10125/80163 | |
dc.rights | CC BY-NC-ND 4.0 | |
dc.title | New Insights into the Justifiability of Organizational Information Security Policy Noncompliance : A Case Study | |
dc.type | conferenceObject | |
dc.identifier.urn | URN:NBN:fi:jyu-202201181153 | |
dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
dc.contributor.laitos | Faculty of Information Technology | en |
dc.contributor.oppiaine | Empirical Cyber Security and Software Engineering | fi |
dc.contributor.oppiaine | Tietojärjestelmätiede | fi |
dc.contributor.oppiaine | Empirical Cyber Security and Software Engineering | en |
dc.contributor.oppiaine | Information Systems Science | en |
dc.type.uri | http://purl.org/eprint/type/ConferencePaper | |
dc.relation.isbn | 978-0-9981331-5-7 | |
dc.type.coar | http://purl.org/coar/resource_type/c_5794 | |
dc.description.reviewstatus | peerReviewed | |
dc.format.pagerange | 6812-6821 | |
dc.relation.issn | 1530-1605 | |
dc.type.version | publishedVersion | |
dc.rights.copyright | © Authors, 2022 | |
dc.rights.accesslevel | openAccess | fi |
dc.relation.conference | Hawaii International Conference on System Sciences | |
dc.subject.yso | tietosuoja | |
dc.subject.yso | tietoturva | |
dc.subject.yso | organisaatiot | |
dc.subject.yso | työntekijät | |
dc.subject.yso | asenteet | |
dc.format.content | fulltext | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p3636 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p5479 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p272 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p1075 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p5619 | |
dc.rights.url | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.relation.doi | 10.24251/HICSS.2022.823 | |
dc.type.okm | A4 | |