Exploring the Impacts of Control Mechanisms on Information Security Behavioral Intentions

Advisor: 施盛寶

Abstract


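Information security technology has matured, and IT staff and users are generally able to follow information security policies. Yet even though organizations have explicitly stipulated information security policies and controls, problems still occur, and they often originate with people (that is, employees). Accordingly, information security research has shifted from the "information security technology" side toward a greater emphasis on "information security management". This study seeks to understand how two different kinds of control mechanisms, formal and informal, used in organizational information security management measures affect employees' information security behavior, and which control mechanism influences that behavior more effectively. The study targeted companies on CommonWealth Magazine's 2011 list of the top 500 service-industry companies; the companies were contacted through personal connections and asked to distribute the questionnaire to their employees. The results show that, in addition to the organization's existing formal control mechanisms influencing employees' information security behavioral intentions, informal evaluation, one of the informal control mechanisms, also positively affects those intentions, making employees pay more attention to their own information security behavior. It is hoped that companies can use this study as a reference and apply more control mechanisms among employees to strengthen employees' information security behavior, protecting the organization from information security problems and threats.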

Parallel Abstract


As information security technology has matured, IT staff and employees are required to comply with security policies. However, information security problems, especially inadequate security behaviors by employees, still occur in organizations even though they have expressly devoted resources to information security standards and controls. Focusing on this issue, more academic information security research is shifting from the "security technology" side to "information security management". This study aims to understand the effects of information security management measures, namely formal and informal control mechanisms, on information security behavior intention. We collected 175 samples from CommonWealth's 2011 list of the 500 largest service companies in Taiwan. The results show that formal control mechanisms (i.e., specification, evaluation, rewards) have positive effects on information security behavior intention; in addition, informal evaluation, one of the informal control mechanisms, also positively impacts information security behavior intention. We found that better outcomes can be obtained when exercising the two control modes simultaneously. Managerial implications, research implications, and future research directions are also provided.
