Abstract
Information security deviant behavior (ISDB) of employees is a serious threat to organizations. However, not much empirical research on ISDB has been carried out. This paper attempts to develop and validate instruments of ISDB using an empirical method. Two instruments of ISDB are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted. The implications of these two instruments for future empirical studies on ISDB are discussed.
Original language | English |
---|---|
Pages (from-to) | 93-101 |
Number of pages | 9 |
Journal | Decision Support Systems |
Volume | 66 |
DOIs | |
Publication status | Published - Oct 2014 |
Externally published | Yes |
Keywords
- Deviant behavior
- Information security
- Instrument development
- Measurement
- Reliability
- Validity
ASJC Scopus subject areas
- Management Information Systems
- Information Systems
- Developmental and Educational Psychology
- Arts and Humanities (miscellaneous)
- Information Systems and Management