Development and validation of instruments of information security deviant behavior

Amanda M.Y. Chu; Patrick Y.K. Chau

doi:10.1016/j.dss.2014.06.008

Development and validation of instruments of information security deviant behavior

Amanda M.Y. Chu, Patrick Y.K. Chau

Research output: Journal Publication › Article › peer-review

36 Citations (Scopus)

Abstract

Information security deviant behavior (ISDB) of employees is a serious threat to organizations. However, not much empirical research on ISDB has been carried out. This paper attempts to develop and validate instruments of ISDB using an empirical method. Two instruments of ISDB are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted. The implications of these two instruments for future empirical studies on ISDB are discussed.

Original language	English
Pages (from-to)	93-101
Number of pages	9
Journal	Decision Support Systems
Volume	66
DOIs	https://doi.org/10.1016/j.dss.2014.06.008
Publication status	Published - Oct 2014
Externally published	Yes

Keywords

Deviant behavior
Information security
Instrument development
Measurement
Reliability
Validity

ASJC Scopus subject areas

Management Information Systems
Information Systems
Developmental and Educational Psychology
Arts and Humanities (miscellaneous)
Information Systems and Management

Access to Document

10.1016/j.dss.2014.06.008

Cite this

@article{043d159495a443ed87d6e35aabf075f8,

title = "Development and validation of instruments of information security deviant behavior",

abstract = "Information security deviant behavior (ISDB) of employees is a serious threat to organizations. However, not much empirical research on ISDB has been carried out. This paper attempts to develop and validate instruments of ISDB using an empirical method. Two instruments of ISDB are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted. The implications of these two instruments for future empirical studies on ISDB are discussed.",

keywords = "Deviant behavior, Information security, Instrument development, Measurement, Reliability, Validity",

author = "Chu, {Amanda M.Y.} and Chau, {Patrick Y.K.}",

year = "2014",

month = oct,

doi = "10.1016/j.dss.2014.06.008",

language = "English",

volume = "66",

pages = "93--101",

journal = "Decision Support Systems",

issn = "0167-9236",

publisher = "Elsevier",

}

TY - JOUR

T1 - Development and validation of instruments of information security deviant behavior

AU - Chu, Amanda M.Y.

AU - Chau, Patrick Y.K.

PY - 2014/10

Y1 - 2014/10

N2 - Information security deviant behavior (ISDB) of employees is a serious threat to organizations. However, not much empirical research on ISDB has been carried out. This paper attempts to develop and validate instruments of ISDB using an empirical method. Two instruments of ISDB are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted. The implications of these two instruments for future empirical studies on ISDB are discussed.

AB - Information security deviant behavior (ISDB) of employees is a serious threat to organizations. However, not much empirical research on ISDB has been carried out. This paper attempts to develop and validate instruments of ISDB using an empirical method. Two instruments of ISDB are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted. The implications of these two instruments for future empirical studies on ISDB are discussed.

KW - Deviant behavior

KW - Information security

KW - Instrument development

KW - Measurement

KW - Reliability

KW - Validity

UR - http://www.scopus.com/inward/record.url?scp=84908220241&partnerID=8YFLogxK

U2 - 10.1016/j.dss.2014.06.008

DO - 10.1016/j.dss.2014.06.008

M3 - Article

AN - SCOPUS:84908220241

SN - 0167-9236

VL - 66

SP - 93

EP - 101

JO - Decision Support Systems

JF - Decision Support Systems

ER -

Development and validation of instruments of information security deviant behavior

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this