Author
Listed:
- Alexandre Cappellozza
- Gustavo Hermínio Salati Marcondes de Moraes
- Gilberto Perez
- Alessandra Lourenço Simões
Abstract
Purpose - This paper aims to investigate the influence of moral disengagement, perceived penalty, negative experiences and turnover intention on the intention to violate the established security rules. Design/methodology/approach - The method used involves two stages of analysis, using techniques of structural equation modeling and artificial intelligence with neural networks, based on information collected from 318 workers of organizational information systems. Findings - The model provides a reasonable prediction regarding the intention to violate information security policies (ISP). The results revealed that the relationships of moral disengagement and perceived penalty significantly influence such an intention. Research limitations/implications - This research presents a multi-analytical approach that expands the robustness of the results by the complementarity of each analysis technique. In addition, it offers scientific evidence of the factors that reinforce the cognitive processes that involve workers’ decision-making in security breaches. Practical implications - The practical recommendation is to improve organizational communication to mitigate information security vulnerabilities in several ways, namely, training actions that simulate daily work routines; exposing the consequences of policy violations; disseminating internal newsletters with examples of inappropriate behavior. Social implications - Results indicate that information security does not depend on the employees’ commitment to the organization; system vulnerabilities can be explored even by employees committed to the companies. Originality/value - The study expands the knowledge about the individual factors that make information security in companies vulnerable, one of the few in the literature which aims to offer an in-depth perspective on which individual antecedent factors affect the violation of ISP.
Suggested Citation
Alexandre Cappellozza & Gustavo Hermínio Salati Marcondes de Moraes & Gilberto Perez & Alessandra Lourenço Simões, 2021.
"Antecedent factors of violation of information security rules,"
RAUSP Management Journal, Emerald Group Publishing Limited, vol. 57(1), pages 85-103, December.
Handle:
RePEc:eme:rauspp:rausp-02-2021-0022
DOI: 10.1108/RAUSP-02-2021-0022
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eme:rauspp:rausp-02-2021-0022. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Emerald Support (email available below). General contact details of provider: .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/eme/rauspp/rausp-02-2021-0022.html
