Assessing self-justification as an antecedent of noncompliance with information security policies

Kajtazi, M, Cavusoglu, H, Benbasat, I and Haftor, D 2013, 'Assessing self-justification as an antecedent of noncompliance with information security policies', in Hepu Deng and Craig Standing (ed.) ACIS 2013: Information systems: Transforming the Future: Proceedings of the 24th Australasian Conference on Information Systems, Melbourne, Australia, 4-6 December, 2013, pp. 1-12.


Document type: Conference Paper
Collection: Conference Papers

Title Assessing self-justification as an antecedent of noncompliance with information security policies
Author(s) Kajtazi, M
Cavusoglu, H
Benbasat, I
Haftor, D
Year 2013
Conference name 24th Australasian Conference on Information Systems (ACIS)
Conference location Melbourne, Australia
Conference dates 4-6 December, 2013
Proceedings title ACIS 2013: Information systems: Transforming the Future: Proceedings of the 24th Australasian Conference on Information Systems
Editor(s) Hepu Deng and Craig Standing
Publisher RMIT University
Place of publication Melbourne, Australia
Start page 1
End page 12
Abstract This paper aims to extend our knowledge about employees’ noncompliance with Information Security Policies (ISPs), focusing on employees’ self-justification as a result of escalation of commitment that may trigger noncompliance behaviour. Escalation presents a situation when employees must decide whether to persist or withdraw from nonperforming tasks at work. Drawing on self-justification theory and prospect theory, our model presents two escalation factors in explaining employee’s willingness to engage in noncompliance behaviour with ISPs: self-justification and risk perceptions. We also propose that perceived benefits of noncompliance and perceived costs of compliance, at the intersection of cognitive and emotional driven acts influence self-justification. The model is tested based on 376 respondents from banking industry. The results show that while self-justification has a significant impact on willingness, risk perceptions do not moderate their relation. We suggest that future research should explore the roles of self-justification in noncompliance to a greater extent.
Subjects Other Information and Computing Sciences
Keyword(s) Escalation of commitment behaviour
information security policy
noncompliance behaviour
risk perceptions
self-justification
Copyright notice © 2013. The Authors
Versions
Version Filter Type
Access Statistics: 180 Abstract Views  -  Detailed Statistics
Created: Fri, 05 Dec 2014, 15:14:57 EST by Keely Chapman
© 2014 RMIT Research Repository • Powered by Fez SoftwareContact us