Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts

Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts

ABSTRACT In contemporary organizations, the protection of an organization's information assets is reliant on the behavior of those entrusted with access to organizational information and information systems (IS). Because of this reliance, organizations increasingly prioritize the training and e...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Decision sciences 2018-12, Vol.49 (6), p.1187-1228
Hauptverfasser: Burns, A. J., Roberts, Tom L., Posey, Clay, Bennett, Rebecca J., Courtney, James F.
Format: Artikel
Sprache:eng
Schlagworte:
Assets
Behavior
Compliance
Cybersecurity
Education
Expectancy theories
Expectancy Theory
Information systems
Organizations
Policy Compliance
Reliance
Security Intentions
Security Training
Training
VIE Theory
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 1228
container_issue 6
container_start_page 1187
container_title Decision sciences
container_volume 49
creator Burns, A. J.
Roberts, Tom L.
Posey, Clay
Bennett, Rebecca J.
Courtney, James F.
description ABSTRACT In contemporary organizations, the protection of an organization's information assets is reliant on the behavior of those entrusted with access to organizational information and information systems (IS). Because of this reliance, organizations increasingly prioritize the training and education of employees through security education, training, and awareness (SETA) initiatives. Through expectancy theory and its central components of valence, instrumentality, and expectancy (VIE), we investigate the role of insiders’ awareness of organizational SETA efforts on two similar, yet distinct, security‐related intentions: intention to comply with information security policies (ISPs) and intention to protect the organization's information assets from their threats. Not only do we show how distinct these two concepts are from a quantitative standpoint, we also demonstrate differences between insiders’ compliance and protection intentions, as well as their motivational antecedents. Moreover, we demonstrate how our powerful, yet parsimonious, model based on expectancy theory explains a significant portion of the variance in these two important concepts: 52.7% in intentions to comply with ISPs and 68.1% in intentions to protect organizational information assets. We discuss the implications of our findings for research and practice and offer future research opportunities.
doi_str_mv 10.1111/deci.12304
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2160689315</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2160689315</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3334-e144ad8ab7da4f7678e336412d244af122329d03003c8d76544e354872c7c9cc3</originalsourceid><addsrcrecordid>eNp9kbtOwzAYhS0EEqWw8ASW2JBS7Ni5lC0qASpVKhJt18g4f9pUqV1sV1WYeA0m3o0nwaEsLHixrPP9l-OD0CUlA-rPTQmyHtCQEX6EejTiJIiGNDpGPUIoDRJGo1N0Zu2aEBJHnPXQ51g5UK7WymKn8Uhvtk2LF2DszuK_2pPRDqS7xRlejHM8W4E2Lc62W6OFXHXEXJW-0AlV1mqJ3Qp8h6rZgZKAdeUftu6Ar_cPnO2FAQXWdsLULIWq30Q3SjT4OZ9lOK8qbZw9RyeVaCxc_N59NL_PZ6PHYDJ9GI-ySSAZYzwAyrkoU_GSlIJXSZykwFjMaViGXqhoGLJwWBJGCJNpmXjvHFjE0ySUiRxKyfro6tDXu3ndgXXFWu-M38YWIY1JnA7933nq-kBJo601UBVbU2-EaQtKii6Aogug-AnAw_QA7-sG2n_I4i4fjQ813xiCie4</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2160689315</pqid></control><display><type>article</type><title>Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts</title><source>Wiley Online Library - AutoHoldings Journals</source><source>EBSCOhost Business Source Complete</source><creator>Burns, A. J. ; Roberts, Tom L. ; Posey, Clay ; Bennett, Rebecca J. ; Courtney, James F.</creator><creatorcontrib>Burns, A. J. ; Roberts, Tom L. ; Posey, Clay ; Bennett, Rebecca J. ; Courtney, James F.</creatorcontrib><description>ABSTRACT In contemporary organizations, the protection of an organization's information assets is reliant on the behavior of those entrusted with access to organizational information and information systems (IS). Because of this reliance, organizations increasingly prioritize the training and education of employees through security education, training, and awareness (SETA) initiatives. Through expectancy theory and its central components of valence, instrumentality, and expectancy (VIE), we investigate the role of insiders’ awareness of organizational SETA efforts on two similar, yet distinct, security‐related intentions: intention to comply with information security policies (ISPs) and intention to protect the organization's information assets from their threats. Not only do we show how distinct these two concepts are from a quantitative standpoint, we also demonstrate differences between insiders’ compliance and protection intentions, as well as their motivational antecedents. Moreover, we demonstrate how our powerful, yet parsimonious, model based on expectancy theory explains a significant portion of the variance in these two important concepts: 52.7% in intentions to comply with ISPs and 68.1% in intentions to protect organizational information assets. We discuss the implications of our findings for research and practice and offer future research opportunities.</description><identifier>ISSN: 0011-7315</identifier><identifier>EISSN: 1540-5915</identifier><identifier>DOI: 10.1111/deci.12304</identifier><language>eng</language><publisher>Atlanta: American Institute for Decision Sciences</publisher><subject>Assets ; Behavior ; Compliance ; Cybersecurity ; Education ; Expectancy theories ; Expectancy Theory ; Information systems ; Organizations ; Policy Compliance ; Reliance ; Security Intentions ; Security Training ; Training ; VIE Theory</subject><ispartof>Decision sciences, 2018-12, Vol.49 (6), p.1187-1228</ispartof><rights>2017 Decision Sciences Institute</rights><rights>2018 Decision Sciences Institute</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3334-e144ad8ab7da4f7678e336412d244af122329d03003c8d76544e354872c7c9cc3</citedby><cites>FETCH-LOGICAL-c3334-e144ad8ab7da4f7678e336412d244af122329d03003c8d76544e354872c7c9cc3</cites><orcidid>0000-0001-8222-4144</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.1111%2Fdeci.12304$$EPDF$$P50$$Gwiley$$H</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.1111%2Fdeci.12304$$EHTML$$P50$$Gwiley$$H</linktohtml><link.rule.ids>314,780,784,1417,27924,27925,45574,45575</link.rule.ids></links><search><creatorcontrib>Burns, A. J.</creatorcontrib><creatorcontrib>Roberts, Tom L.</creatorcontrib><creatorcontrib>Posey, Clay</creatorcontrib><creatorcontrib>Bennett, Rebecca J.</creatorcontrib><creatorcontrib>Courtney, James F.</creatorcontrib><title>Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts</title><title>Decision sciences</title><description>ABSTRACT In contemporary organizations, the protection of an organization's information assets is reliant on the behavior of those entrusted with access to organizational information and information systems (IS). Because of this reliance, organizations increasingly prioritize the training and education of employees through security education, training, and awareness (SETA) initiatives. Through expectancy theory and its central components of valence, instrumentality, and expectancy (VIE), we investigate the role of insiders’ awareness of organizational SETA efforts on two similar, yet distinct, security‐related intentions: intention to comply with information security policies (ISPs) and intention to protect the organization's information assets from their threats. Not only do we show how distinct these two concepts are from a quantitative standpoint, we also demonstrate differences between insiders’ compliance and protection intentions, as well as their motivational antecedents. Moreover, we demonstrate how our powerful, yet parsimonious, model based on expectancy theory explains a significant portion of the variance in these two important concepts: 52.7% in intentions to comply with ISPs and 68.1% in intentions to protect organizational information assets. We discuss the implications of our findings for research and practice and offer future research opportunities.</description><subject>Assets</subject><subject>Behavior</subject><subject>Compliance</subject><subject>Cybersecurity</subject><subject>Education</subject><subject>Expectancy theories</subject><subject>Expectancy Theory</subject><subject>Information systems</subject><subject>Organizations</subject><subject>Policy Compliance</subject><subject>Reliance</subject><subject>Security Intentions</subject><subject>Security Training</subject><subject>Training</subject><subject>VIE Theory</subject><issn>0011-7315</issn><issn>1540-5915</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><recordid>eNp9kbtOwzAYhS0EEqWw8ASW2JBS7Ni5lC0qASpVKhJt18g4f9pUqV1sV1WYeA0m3o0nwaEsLHixrPP9l-OD0CUlA-rPTQmyHtCQEX6EejTiJIiGNDpGPUIoDRJGo1N0Zu2aEBJHnPXQ51g5UK7WymKn8Uhvtk2LF2DszuK_2pPRDqS7xRlejHM8W4E2Lc62W6OFXHXEXJW-0AlV1mqJ3Qp8h6rZgZKAdeUftu6Ar_cPnO2FAQXWdsLULIWq30Q3SjT4OZ9lOK8qbZw9RyeVaCxc_N59NL_PZ6PHYDJ9GI-ySSAZYzwAyrkoU_GSlIJXSZykwFjMaViGXqhoGLJwWBJGCJNpmXjvHFjE0ySUiRxKyfro6tDXu3ndgXXFWu-M38YWIY1JnA7933nq-kBJo601UBVbU2-EaQtKii6Aogug-AnAw_QA7-sG2n_I4i4fjQ813xiCie4</recordid><startdate>201812</startdate><enddate>201812</enddate><creator>Burns, A. J.</creator><creator>Roberts, Tom L.</creator><creator>Posey, Clay</creator><creator>Bennett, Rebecca J.</creator><creator>Courtney, James F.</creator><general>American Institute for Decision Sciences</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7TB</scope><scope>8BJ</scope><scope>8FD</scope><scope>FQK</scope><scope>FR3</scope><scope>JBE</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0001-8222-4144</orcidid></search><sort><creationdate>201812</creationdate><title>Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts</title><author>Burns, A. J. ; Roberts, Tom L. ; Posey, Clay ; Bennett, Rebecca J. ; Courtney, James F.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3334-e144ad8ab7da4f7678e336412d244af122329d03003c8d76544e354872c7c9cc3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Assets</topic><topic>Behavior</topic><topic>Compliance</topic><topic>Cybersecurity</topic><topic>Education</topic><topic>Expectancy theories</topic><topic>Expectancy Theory</topic><topic>Information systems</topic><topic>Organizations</topic><topic>Policy Compliance</topic><topic>Reliance</topic><topic>Security Intentions</topic><topic>Security Training</topic><topic>Training</topic><topic>VIE Theory</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Burns, A. J.</creatorcontrib><creatorcontrib>Roberts, Tom L.</creatorcontrib><creatorcontrib>Posey, Clay</creatorcontrib><creatorcontrib>Bennett, Rebecca J.</creatorcontrib><creatorcontrib>Courtney, James F.</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Mechanical &amp; Transportation Engineering Abstracts</collection><collection>International Bibliography of the Social Sciences (IBSS)</collection><collection>Technology Research Database</collection><collection>International Bibliography of the Social Sciences</collection><collection>Engineering Research Database</collection><collection>International Bibliography of the Social Sciences</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Decision sciences</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Burns, A. J.</au><au>Roberts, Tom L.</au><au>Posey, Clay</au><au>Bennett, Rebecca J.</au><au>Courtney, James F.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts</atitle><jtitle>Decision sciences</jtitle><date>2018-12</date><risdate>2018</risdate><volume>49</volume><issue>6</issue><spage>1187</spage><epage>1228</epage><pages>1187-1228</pages><issn>0011-7315</issn><eissn>1540-5915</eissn><abstract>ABSTRACT In contemporary organizations, the protection of an organization's information assets is reliant on the behavior of those entrusted with access to organizational information and information systems (IS). Because of this reliance, organizations increasingly prioritize the training and education of employees through security education, training, and awareness (SETA) initiatives. Through expectancy theory and its central components of valence, instrumentality, and expectancy (VIE), we investigate the role of insiders’ awareness of organizational SETA efforts on two similar, yet distinct, security‐related intentions: intention to comply with information security policies (ISPs) and intention to protect the organization's information assets from their threats. Not only do we show how distinct these two concepts are from a quantitative standpoint, we also demonstrate differences between insiders’ compliance and protection intentions, as well as their motivational antecedents. Moreover, we demonstrate how our powerful, yet parsimonious, model based on expectancy theory explains a significant portion of the variance in these two important concepts: 52.7% in intentions to comply with ISPs and 68.1% in intentions to protect organizational information assets. We discuss the implications of our findings for research and practice and offer future research opportunities.</abstract><cop>Atlanta</cop><pub>American Institute for Decision Sciences</pub><doi>10.1111/deci.12304</doi><tpages>42</tpages><orcidid>https://orcid.org/0000-0001-8222-4144</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0011-7315
ispartof Decision sciences, 2018-12, Vol.49 (6), p.1187-1228
issn 0011-7315
1540-5915
language eng
recordid cdi_proquest_journals_2160689315
source Wiley Online Library - AutoHoldings Journals; EBSCOhost Business Source Complete
subjects Assets
Behavior
Compliance
Cybersecurity
Education
Expectancy theories
Expectancy Theory
Information systems
Organizations
Policy Compliance
Reliance
Security Intentions
Security Training
Training
VIE Theory
title Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T17%3A32%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Intentions%20to%20Comply%20Versus%20Intentions%20to%20Protect:%20A%20VIE%20Theory%20Approach%20to%20Understanding%20the%20Influence%20of%20Insiders%E2%80%99%20Awareness%20of%20Organizational%20SETA%20Efforts&rft.jtitle=Decision%20sciences&rft.au=Burns,%20A.%20J.&rft.date=2018-12&rft.volume=49&rft.issue=6&rft.spage=1187&rft.epage=1228&rft.pages=1187-1228&rft.issn=0011-7315&rft.eissn=1540-5915&rft_id=info:doi/10.1111/deci.12304&rft_dat=%3Cproquest_cross%3E2160689315%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2160689315&rft_id=info:pmid/&rfr_iscdi=true