oru.sePublikationer
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
New Insights Into Understanding Manager’s Intentions to Overlook ISP Violation in Organizations through Escalation of Commitment Factors
Örebro University, Örebro University School of Business. Linnaeus University, Växjö, Sweden. (CIRIS)
Örebro University, Örebro University School of Business. (CIRIS)
Boston College, Boston, Massachusetts.
2015 (English)In: Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), 2015Conference paper, Published paper (Refereed)
Abstract [en]

This paper addresses managers’ intentions to overlook their employees’ Information Security Policy (ISP) violation, in circumstances when on-going projects have to be completed and delivered even if ISP violation must take place to do so. The motivation is based on the concern that ISP violation can be influenced by escalation of commitment factors. Escalation is a phenomenon that explains how employees in organizations often get involved in nonperforming projects, commonly reflecting the tendency of persistence, when investments of resources have been initiated. We develop a theoretical understanding based on Escalation of Commitment theory that centres on two main factors of noncompliance, namely completion effect and sunk costs. We tested our theoretical concepts in a pilot study, based on qualitative and quantitative data received from 16 respondents from the IT – industry, each representing one respondent from the management level. The results show that while some managers are very strict about not accepting any form of ISP violation in their organization, their beliefs start to change when they realize that such form of violation may occur when their employees are closer to completion of a project. Our in-depth interviews with 3 respondents in the follow-up study, confirm the tension created between compliance with the ISP and the completion of the project. The results indicate that the larger the investments of time, efforts and money in a project, the more the managers consider that violation is acceptable

Place, publisher, year, edition, pages
2015.
Keyword [en]
Escalation of commitment, ISP violation, IT-industry, completion effect, sunk costs
National Category
Information Systems
Research subject
Informatics
Identifiers
URN: urn:nbn:se:oru:diva-45574Scopus ID: 2-s2.0-85026378315ISBN: 978-1-84102-388-5 (print)OAI: oai:DiVA.org:oru-45574DiVA: diva2:846382
Conference
Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, July 1-3, 2015
Available from: 2015-08-17 Created: 2015-08-17 Last updated: 2017-10-09Bibliographically approved

Open Access in DiVA

No full text

Other links

ScopusAbstract + Paper

Search in DiVA

By author/editor
Kajtazi, MirandaKolkowska, Ella
By organisation
Örebro University School of Business
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

Total: 280 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf