What drives information security policy violations among banking employees? Insights from neutralization and social exchange theory

Pei Lee Teh, Pervaiz K Ahmed, John P D'Arcy

    Research output: Contribution to journalArticleResearchpeer-review

    9 Citations (Scopus)

    Abstract

    Employees information security policy (ISP) violations are a major problem that plagues organizations worldwide, particularly in the banking/financial sector. Research shows that employees use neutralization techniques to rationalize their ISP violating behaviors; it is therefore important to understand what leads to and influences these neutralization techniques. The authors study draws upon social exchange theory to develop a set of factors that drive employees neutralization of ISP violations. The model specifies previously untested relationships between job satisfaction, organizational commitment, role conflict, role ambiguity,and neutralization techniques. Using a sample of Malaysian banking employees, the authors found a positive relationship between role conflict and neutralization of ISP violations, whereas organizational commitment was negatively related to neutralization in this context. The authors findings offer fresh insights for scholars and practitioners in dealing with the problem of employees intentional ISP violations while extending the reach of neutralization theory beyond North American and European cultures.
    Original languageEnglish
    Pages (from-to)44 - 64
    Number of pages21
    JournalJournal of Global Information Management
    Volume23
    Issue number1
    DOIs
    Publication statusPublished - 2015

    Cite this