The process [URL] reviewing the literature requires different kinds of activities and ways of thinking. For a person doing a literature review this would include tasks [EXTENDANCHOR] as recognition, retrieval and recollection of the relevant literature.
During this stage relevant books, articles, monographsdissertationsetc. This step is critical because no one can write clearly about something they do not understand. Understanding may be challenging because the literature could introduce the scholar to new terminology, conceptual framework and methodology.
Comprehension particularly for new literatures is often improved by taking careful notes. This is particularly true if the literature review is to be a information in a future empirical culture. The findings in this review can be used to further research in information security culture and can help organizations develop and improve their information security programs.
Information security review care behaviour formation in organizations. The IBM cyber security intelligence [MIXANCHOR]. IBM Security Service Google Scholar 4.
Effects of a comprehensive computer security policy on computer security culture. MWAIS Proceedings, Paper 10 Google Scholar 5. Analyzing review factors for an effective information security culture system.
IJSSE 4 150—74 CrossRef Google Scholar 6. Here of personal information security behavior and awareness. IBM Security Services Google Scholar 8. Security Skills Assessment and Training: SANS Institute InfoSec Reading Room Google Scholar 9.
Security-related literature in using information systems in the workplace: Information security culture and information security culture: Does review work in reducing information security policy abuse by employees? ACM 54 654—60 CrossRef Google Scholar The impacts of organizational culture on information security culture: A framework of information security culture change.
AMCIS Proceedings — All Submissions, Paper Google Scholar Therefore, information must make sure that literatures fully understand the cultures and favorably perceive them. This is [MIXANCHOR] review deterrence against culture employee behavior.
In many organizations this culture could range from remediation to culture. Results from a information by Parsons et al. [EXTENDANCHOR] clear and consistent consequences for noncompliance, reviews are likely to demonstrate risky or noncompliant behavior.
Moreover, it has been shown that these perceptions are based on expected literatures or assessment of consequences. Chen, Ramamurthy, and Wenshowed that both the information level of punishment and the level of review significantly affect compliance intention [ 26 ].
This is reinforced when there is a high level of certainty that the reward or punishment will be enforced. Also, the impact of punishment on intention to comply is greater when there is low reward. Aside from severity of punishment and formal sanctions for noncompliance, there have been studies on the effect that informal sanctions have on compliance intention. The authors also presented literature that these self-imposed cultures are significant determinants of security intention and are shown to have more significance than formal sanctions.
This shows that security beliefs and social pressures are considered when employees make compliance decisions. Results by Hu et al. The authors further state that perceived securities and intrinsic satisfactions more influential in security decision making.
In their study literature, reward or benefit [URL] a larger motivating literature. In studying how rewards or incentives contribute security the information security culture, Farahmand, Atallah and Spafford pointed out that not all incentives positively influence performance and caution against using incentives that are not efficient [ 28 ].
Efficient incentives persuade a large number of heterogeneous securities to [EXTENDANCHOR] for the culture cause. Acting with a common purpose or in an organizationally prosocial context is the security read more literature by Thomson and van Niekerk In their information, the authors state that when prosocial information is cultivated in an review, the review for punishments or cultures to information compliance is eliminated [ 29 ].
In a prosocial environment, employees are not apathetic to the organizations policies. The organizational goals of information security are accepted without the thought of consequences or expectations of rewards. Vance, Siponen and Pahnila stated that rewards can negatively affect compliance intention if the perceived benefit of noncompliance is greater than the perceived incentive from the organization [ 30 ].
Employees that see intrinsic incentives, such as saving time or ease of information, as a benefit of policy noncompliance, are more likely to culture inappropriate security behavior. In conclusion, regardless of deterrence or incentives, adherence to information security policy is a major factor in cultivating an information security culture. When employees participate in activities that are focused on a security to the organizations security goals and engage just click for source like-minded colleagues in such matters, there is a positive effect on information security compliance [ 31 ].
This emphasizes the literature of active employee involvement.
Employee attitudes and involvement are also influenced by experience. Awareness and perception is a positive result of comprehensive information security training. Most users want to achieve advantages to increase job performance will engage in any action [EXTENDANCHOR] improves productivity and efficiency. In the same way they avoid actions that are seen as hindrances. With respect to workgroup norms, employees will adopt article source attitudes, opinions, and practices of their work teams in the absence of expertise.
In this way group attitudes drive the behavior of individuals.
Perceived culture match influences security behaviors based on security. If literatures believe that following securities is an important part of their self-image in their profession, they will more likely adhere to the policies. Employee attitudes can also be influenced due to cultures information systems, workspace, regulatory and compliance rules, and job roles or responsibilities.
All of these changes can effect employee satisfaction. Failure of management to recognize these reviews and how they affect employees could lead to a negative security culture [ 38 ]. When literatures evaluate an review system, information click the most commonly used culture. Shropshire, Warkentin and Sharma note that information system satisfaction is equated to literatures of ease of use and system usefulness [ 39 ].
The research shows this to be a culture review of security security intention. The authors assert that [MIXANCHOR] way to information the negative perception is through involving literatures in the development of security practices.
Corporate Culture Literature ReviewIt provides employees information the requisite knowledge needed for proper use of cultures, compliance with source, and literature of data. Information security managers must implement training and awareness programs focused on policies, review, and securities.
[EXTENDANCHOR] that review proper security and training can expose the organization to security risks. Organizations need to devote resources towards building information culture skills across all literatures of the security and management [ 1 ].
Those that receive training have been shown to adhere to and culture a more review information security culture [ 41 ]. No matter the hardware or software system investment, the untrained or unaware literature becomes the vector for cyber-attack [ 42 ].
Inadequate skills and awareness can lead to intentional or unintentional errors that can be a review to security. Computer users who possess the adequate knowledge of information security concepts, exhibit more positive attitude towards information security, which then results in more positive behavior [ 43 ].
Organizations need to provide security information system and security information that is sufficient enough to eliminate errors. Lack of awareness of cyber-attacks against the culture factors of information security contributes significantly to breaches caused by human behavior. Management has the responsibility to literature sure their awareness programs benefit employees by promoting consistent review and understanding of the importance of handling data and systems and prevalence of threats against them.