Understanding Employee Security Misbehavior in Using Organizational Information Systems

Working PaperAuthorsPublish Date
31 Ken H Guo
Yufei Yuan
Jan. 2010

This study aims to investigate why users engage in “security misbehavior” (SMB) when using organizational information systems (IS). It is posited that user intention to engage in SMB is influenced by attitude toward SMB, workgroup norm, and perceived professional identity mismatch. Attitude toward SMB in turn is predicted by attitude toward targets (IS department and security policy), expectations of utilitarian outcome (perceived security risk, perceived accountability, and job performance expectation), workgroup norm, and perceived professional identity mismatch. The model was tested with partial least square (PLS) technique on data collected from a survey (N=104). The results suggested that both attitude toward SMB and workgroup norm have significant influence on SMB intention. User attitude toward SMB is influenced by workgroup norm and perceived identity mismatch. Workgroup norm appear to be a key determinant of user SMB intention.

DeGroote on Facebook DeGroote on Twitter WMA LinkedIn