Search results

The purpose of this paper is to suggest ways to integrate human resources (HR) and information security management (ISM) within a firm to help reduce expensive and embarrassing failures in information security breaches.

This paper is written for the practitioners. It includes a general review of literature in information technology and HR to help explain ways to decrease the chance of ISM failures.

Employees often become careless about information security in the workplace, and the threat to corporate information systems is serious. Although security training is essential, a more comprehensive approach to addressing the security issue is needed. As human factors account for most security breaches, including HR personnel as a partner with IT may help address some of the weaknesses that training alone cannot resolve.

This paper discusses the human factors that cause information technology breaches and how combining HR practices and ISM may generate a competitive advantage for the organization. This paper then offers practical suggestions that HR may use to help with ISM issues.

This study aims to investigate the effects of attribution of responsibility (AOR) for layoffs on the components of ethical decision-making. Internal, external and no-fault AOR were examined using the model of moral intensity to determine if placement of blame for the layoff influences ethical awareness, judgment and intent.

Surveys were collected from 397 students. The survey provided a scenario about a layoff situation involving an African-American woman and a Caucasian woman. Respondents then answered questions about moral intensity, moral judgment and moral intent concerning the layoff and identified the reasons they believed the layoff occurred. We tested our hypotheses using multiple regression analysis.

Subjects were more likely to make a moral judgment about the situation when layoffs were blamed on the company’s actions (external AOR) and less likely to make a moral judgment when the layoff decision was blamed on employee performance (internal AOR) or on economic factors beyond anyone’s control (no-fault AOR). Results also indicate that layoffs blamed on employee performance negatively moderate the relationship between moral judgment and moral intent.

Previous studies of layoff ethics have not examined the influence of AOR for layoffs using the model of moral intensity. Thus, this paper extends the current understanding of these concepts in ethical decision-making.

IT security breaches plague organizations worldwide, yet there continues to be a paucity of comprehensive research models for protective technologies. This study aims to develop an IT security user behavior model focusing on the protective technology anti-spyware which includes organizational climate, a theory of planned behavior (TPB) background variable and elicited salient user beliefs.

A multimethod approach, including interviews and a survey, is used to elicit salient user beliefs and test hypotheses of the influences of perceived IT security climate on those user beliefs and ultimately user behavioral intentions. Primary data were collected through interviews following the prescribed TPB methodology and an offline survey method with 254 valid responses recorded. Partial least squares was used to investigate the hypotheses.

The authors found that attitudinal beliefs – protecting organizational interests for data/privacy, preventing disruptions to work and control beliefs – monetary resources and time constraints mediate significant relationships between IT security climate and attitude and perceived behavioral control, respectively. Implications are discussed.

This study is the first, to the best of the authors’ knowledge, that uses both interviews and a survey to examine the relationships among IT security climate, elicited user beliefs and behavioral intentions in a TPB-based model for a protective technology.