Believe It or Not: Employees Intend to Comply with Information Security Policy Because of the Desire for Trade-Offs

Hung Pin Shih; Kee Hung Lai; Xitong Guo; T. C.E. Cheng

doi:10.4018/JGIM.294329

Believe It or Not: Employees Intend to Comply with Information Security Policy Because of the Desire for Trade-Offs

Hung Pin Shih, Kee Hung Lai, Xitong Guo, T. C.E. Cheng

Research output: Journal article publication › Journal article › Academic research › peer-review

8 Citations (Scopus)

Abstract

Most theories of information security policy (ISP), except a few focused on the insider-centric view, are grounded in the control-centric perspective, and most ISP compliance models stem from Western countries. Regulatory focus theory (RFT) proposes two modes of motivational regulation, promotion and prevention focused are supposed to motivate employee compliance in a trade-off. Culture is crucial to the study of ISP that puts control over human connections. Chinese guanxi, a specific dimension of Chinese culture, is better understood underlying the trust-distrust frame. To bridge the theoretical gap between the control-centric and the insider-centric perspectives, the authors develop an ISP behavioral model by taking an integrated approach from RFT and the trust-distrust frame. They employed scenario-based events about information security misconduct in the workplace to examine employees’ compliance intention and non-violation choice of ISP upon counterfactual thinking. The empirical results improve the theoretical and practical implications of security practices.

Original language	English
Journal	Journal of Global Information Management
Volume	29
Issue number	6
DOIs	https://doi.org/10.4018/JGIM.294329
Publication status	Published - 2021

Keywords

Counterfactual Thinking
Employee Compliance
Guanxi Practices
Information Security Policy
Non-Violation Choice
Promotion and Prevention Regulations
Trust-Distrust Frame

ASJC Scopus subject areas

Business and International Management
Computer Science Applications
Strategy and Management
Management Science and Operations Research
Information Systems and Management

More information

10.4018/JGIM.294329

Cite this

@article{f43c37a85bcb4ea2af122e742c843cac,

title = "Believe It or Not: Employees Intend to Comply with Information Security Policy Because of the Desire for Trade-Offs",

abstract = "Most theories of information security policy (ISP), except a few focused on the insider-centric view, are grounded in the control-centric perspective, and most ISP compliance models stem from Western countries. Regulatory focus theory (RFT) proposes two modes of motivational regulation, promotion and prevention focused are supposed to motivate employee compliance in a trade-off. Culture is crucial to the study of ISP that puts control over human connections. Chinese guanxi, a specific dimension of Chinese culture, is better understood underlying the trust-distrust frame. To bridge the theoretical gap between the control-centric and the insider-centric perspectives, the authors develop an ISP behavioral model by taking an integrated approach from RFT and the trust-distrust frame. They employed scenario-based events about information security misconduct in the workplace to examine employees{\textquoteright} compliance intention and non-violation choice of ISP upon counterfactual thinking. The empirical results improve the theoretical and practical implications of security practices.",

keywords = "Counterfactual Thinking, Employee Compliance, Guanxi Practices, Information Security Policy, Non-Violation Choice, Promotion and Prevention Regulations, Trust-Distrust Frame",

author = "Shih, {Hung Pin} and Lai, {Kee Hung} and Xitong Guo and Cheng, {T. C.E.}",

note = "Funding Information: The authors thank the three anonymous referees for their valuable comments and suggestions on earlier versions of this paper. This research received partial financial support from Social Science Foundation of Fujian Province, China, under project no. FJ2021B166. Publisher Copyright: {\textcopyright} 2021 IGI Global. All rights reserved.",

year = "2021",

doi = "10.4018/JGIM.294329",

language = "English",

volume = "29",

journal = "Journal of Global Information Management",

issn = "1062-7375",

publisher = "IGI Publishing",

number = "6",

}

TY - JOUR

T1 - Believe It or Not

T2 - Employees Intend to Comply with Information Security Policy Because of the Desire for Trade-Offs

AU - Shih, Hung Pin

AU - Lai, Kee Hung

AU - Guo, Xitong

AU - Cheng, T. C.E.

N1 - Funding Information: The authors thank the three anonymous referees for their valuable comments and suggestions on earlier versions of this paper. This research received partial financial support from Social Science Foundation of Fujian Province, China, under project no. FJ2021B166. Publisher Copyright: © 2021 IGI Global. All rights reserved.

PY - 2021

Y1 - 2021

N2 - Most theories of information security policy (ISP), except a few focused on the insider-centric view, are grounded in the control-centric perspective, and most ISP compliance models stem from Western countries. Regulatory focus theory (RFT) proposes two modes of motivational regulation, promotion and prevention focused are supposed to motivate employee compliance in a trade-off. Culture is crucial to the study of ISP that puts control over human connections. Chinese guanxi, a specific dimension of Chinese culture, is better understood underlying the trust-distrust frame. To bridge the theoretical gap between the control-centric and the insider-centric perspectives, the authors develop an ISP behavioral model by taking an integrated approach from RFT and the trust-distrust frame. They employed scenario-based events about information security misconduct in the workplace to examine employees’ compliance intention and non-violation choice of ISP upon counterfactual thinking. The empirical results improve the theoretical and practical implications of security practices.

AB - Most theories of information security policy (ISP), except a few focused on the insider-centric view, are grounded in the control-centric perspective, and most ISP compliance models stem from Western countries. Regulatory focus theory (RFT) proposes two modes of motivational regulation, promotion and prevention focused are supposed to motivate employee compliance in a trade-off. Culture is crucial to the study of ISP that puts control over human connections. Chinese guanxi, a specific dimension of Chinese culture, is better understood underlying the trust-distrust frame. To bridge the theoretical gap between the control-centric and the insider-centric perspectives, the authors develop an ISP behavioral model by taking an integrated approach from RFT and the trust-distrust frame. They employed scenario-based events about information security misconduct in the workplace to examine employees’ compliance intention and non-violation choice of ISP upon counterfactual thinking. The empirical results improve the theoretical and practical implications of security practices.

KW - Counterfactual Thinking

KW - Employee Compliance

KW - Guanxi Practices

KW - Information Security Policy

KW - Non-Violation Choice

KW - Promotion and Prevention Regulations

KW - Trust-Distrust Frame

UR - http://www.scopus.com/inward/record.url?scp=85134757264&partnerID=8YFLogxK

U2 - 10.4018/JGIM.294329

DO - 10.4018/JGIM.294329

M3 - Journal article

AN - SCOPUS:85134757264

SN - 1062-7375

VL - 29

JO - Journal of Global Information Management

JF - Journal of Global Information Management

IS - 6

ER -

Believe It or Not: Employees Intend to Comply with Information Security Policy Because of the Desire for Trade-Offs

Abstract

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this