lnu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
New insights into understanding manager's intentions to overlook ISP violation in organizations through escalation of commitment factors
Linnaeus University, Faculty of Technology, Department of Informatics. Örebro University, Sweden.
Örebro University, Sweden.
Boston College, USA.
2015 (English)In: Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015 / [ed] Clarke N.L., Furnell S.M., University of Plymouth , 2015, p. 131-140Conference paper, Published paper (Refereed)
Abstract [en]

This paper addresses managers' intentions to overlook their employees' Information Security Policy (ISP) violation, in circumstances when on-going projects have to be completed and delivered even if ISP violation must take place to do so. The motivation is based on the concern that ISP violation can be influenced by escalation of commitment factors. Escalation is a phenomenon that explains how employees in organizations often get involved in nonperforming projects, commonly reflecting the tendency of persistence, when investments of resources have been initiated. We develop a theoretical understanding based on Escalation of Commitment theory that centres on two main factors of noncompliance, namely completion effect and sunk costs. We tested our theoretical concepts in a pilot study, based on qualitative and quantitative data received from 16 respondents from the IT - industry, each representing one respondent from the management level. The results show that while some managers are very strict about not accepting any form of ISP violation in their organization, their beliefs start to change when they realize that such form of violation may occur when their employees are closer to completion of a project. Our in-depth interviews with 3 respondents in the followup study, confirm the tension created between compliance with the ISP and the completion of the project. The results indicate that the larger the investments of time, efforts and money in a project, the more the managers consider that violation is acceptable.

Place, publisher, year, edition, pages
University of Plymouth , 2015. p. 131-140
Keywords [en]
Completion effect, Escalation of commitment, ISP violation, It-industry, Sunk costs
National Category
Information Systems
Research subject
Computer and Information Sciences Computer Science, Information Systems
Identifiers
URN: urn:nbn:se:lnu:diva-117607Scopus ID: 2-s2.0-85026378315ISBN: 9781841023885 (print)OAI: oai:DiVA.org:lnu-117607DiVA, id: diva2:1711853
Conference
9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015, Lesvos 1-3 July 2015
Available from: 2022-11-18 Created: 2022-11-18 Last updated: 2022-11-18Bibliographically approved

Open Access in DiVA

No full text in DiVA

Scopus

Authority records

Kajtazi, Miranda

Search in DiVA

By author/editor
Kajtazi, Miranda
By organisation
Department of Informatics
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 35 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf