한국전자통신학회논문지 (The Journal of the Korea institute of electronic communication sciences)

한국전자통신학회 (Korea Institute of Electronic Communication Science)
권호 표지
DOI QR코드

DOI QR Code

정보보안 역할 스트레스가 자기 결정성을 통해 준수 의도에 미치는 영향: 개인조직 적합성의 조절 효과

The Effect on the IS Role Stress on the IS Compliance Intention Through IS Self-determination: Focusing on the Moderation of Person-organization Fit

  • Hwang, In-Ho (College of General Education, Kookmin University)
  • 투고 : 2022.03.19
  • 심사 : 2022.04.17
  • 발행 : 2022.04.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

정보자산 보호가 조직의 중요한 관리 요인으로 인식되면서, 조직들은 정보보안 정책 및 기술 도입을 위한 투자를 높이고 있다. 하지만, 엄격한 정보보안의 적용은 조직원에게 스트레스를 통해 미준수 행동을 일으킬 수 있다. 본 연구의 목적은 정보보안 역할 강화로 인해 형성된 조직원의 스트레스가 자기결정성을 통해 준수 의도에 미치는 매커니즘을 제시하고, 개인조직 적합성을 통해 준수 의도 강화 방안을 제시하는 것이다. 연구는 정보보안 정책을 도입한 기업에 근무하는 조직원을 대상으로 온라인 설문을 하였으며, 475개의 표본을 활용하여 가설검증을 하였다. 첫째, 구조방정식 모형을 적용한 주효과 분석 결과는 역할 스트레스가 자기결정성을 감소하여 준수 의도에 영향을 미쳤다. 둘째, Process 3.1을 적용한 조절 효과 분석 결과는 개인조직 적합성이 자율성, 관계성이 준수 의도에 미치는 영향을 강화하였다. 연구는 조직원의 정보보안 스트레스, 행동 동기의 영향을 확인함으로써, 조직 내부의 정보보안 목표달성 방향을 제언한 측면에서 시사점을 가진다.

As information asset protection is recognized as an important management factor for organizations, organizations are increasing their investments in information security(IS) policies and technologies. However, strict application of IS may cause non-compliance behavior through IS stress on employees of the organization. Accordingly, this study suggests a mechanism by which employee stress affects IS compliance intentions through self-determination, and a method to reinforce IS compliance intentions through person-organization fit. We conducted an online survey of employees working at companies that adopted IS policies and tested hypotheses using 475 samples. First, as a result of analyzing the main effects of applying the structural equation model, role stress affected IS compliance intention through self-determination. Second, as a result of analyzing the moderating effect of applying Process 3.1, personal organization fit strengthened the relationship between self-determination and IS compliance intention. The research suggests a direction for achieving internal IS goals by confirming the influence of IS stress and behavioral causes of employees.

키워드

과제정보

본 논문은 2018년도 정부(교육부)의 재원으로 한국연구재단의 지원을 받아 수행된 기초연구사업임(NRF-2018R1D1A1B07050305)

참고문헌

  1. Fortune Business Insights, "Cyber security market to reach USD 366.10 billion by 2028; Surging number of e-commerce platforms to amplify market growth: Says fortune business insights," Report, Jan. 2022.
  2. Verizon, "2020 data breach investigations report," Report, Des. 2020.
  3. K. D. Loch, H. H. Carr, and M. E. Warkentin, "Threats to information systems: Today's reality, yesterday's understanding," MIS Quarterly, vol. 16, no. 2, 1992, pp. 173-186. https://doi.org/10.2307/249574
  4. Y. Chen, K. Ramamurthy, and K. W. Wen, "Organizations' information security policy compliance: Stick or carrot approach?," J. of Management Information Systems, vol. 29, no. 3, 2012, pp. 157-188. https://doi.org/10.2753/MIS0742-1222290305
  5. X. Wang and J. Xu, "Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry," Tourism Management, vol. 84, 2021, pp. 104282. https://doi.org/10.1016/j.tourman.2021.104282
  6. P. Menard, G. J. Bott, R. E. Crossler, "User motivations in protecting information security: Protection motivation theory versus self-determination theory," J. of Management Information Systems, 34(4), 2017, pp. 1203-1230. https://doi.org/10.1080/07421222.2017.1394083
  7. X. Ma, "IS professionals' information security behaviors in Chinese IT organizations for information security protection," Information Processing & Management, vol. 59, no. 1, 2022, pp. 102744. https://doi.org/10.1016/j.ipm.2021.102744
  8. M. Kajtazi, H. Cavusoglu, I. Benbasat, and D. Haftor, "Escalation of commitment as an antecedent to noncompliance with information security policy," Information & Computer Security, vol. 26, no. 2, 2018, pp. 171-193. https://doi.org/10.1108/ics-09-2017-0066
  9. J. D'Arcy, T. Herath, and M. K. Shoss, "Understanding employee responses to stressful information security requirements: A coping perspective," J. of Management Information Systems, vol. 31, no. 2, 2014, pp. 285-318. https://doi.org/10.2753/mis0742-1222310210
  10. I. Hwang and O. Cha, "Examining technostress creators and role stress as potential threats to employees' information security compliance," Computers in Human Behavior, vol. 81, 2018, pp. 282-293. https://doi.org/10.1016/j.chb.2017.12.022
  11. H. C. Pham, L. Brennan, and S. Furnell, "Information security burnout: Identification of sources and mitigating factors from security demands and resources," J. of Information Security and Applications, vol. 46, 2019, pp. 96-107. https://doi.org/10.1016/j.jisa.2019.03.012
  12. J. D'Arcy and P. L. Teh, "Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization," Information & Management, vol. 56, no. 7, 2019, pp. 103151. https://doi.org/10.1016/j.im.2019.02.006
  13. E. L. Deci and R. M. Ryan, "Self-determination theory: When mind mediates behavior," The J. of Mind and Behavior, vol. 1, no. 1, 1980, pp. 33-43.
  14. R. J. Vallerand, "Deci and Ryan's self-determination theory: A view from the hierarchical model of intrinsic and extrinsic motivation," Psychological Inquiry, vol. 11, no. 4, 2000, pp. 312-318.
  15. I. Hwang, "The influence on the information security stressor on information security compliance intention : Focusing on the moderation of authentic leadership," J. of the Korea Institute of Electronic Communication Sciences, vol. 16, no. 6, 2021, pp. 1101-1112.
  16. Y. C. Huang, S. J. Backman, K. F. Backman, F. A. McGuire, and D. Moore, "An investigation of motivation and experience in virtual learning environments: A self-determination theory," Education and Information Technologies, vol. 24, no. 1, 2019, pp. 591-611. https://doi.org/10.1007/s10639-018-9784-5
  17. M. Gagne and E. L. Deci, "Self determination theory and work motivation," J. of Organizational behavior, vol. 26, no. 4, 2005, pp. 331-362. https://doi.org/10.1002/job.322
  18. S. G. Trepanier, J. Forest, C. Fernet, and S. Austin, "On the psychological and motivational processes linking job characteristics to employee functioning: Insights from self-determination theory," Work & Stress, vol. 29, no. 3, 2015, pp. 286-305. https://doi.org/10.1080/02678373.2015.1074957
  19. Y. Lee, W. Tao, J. Y. Li, and R. Sun, "Enhancing employees' knowledge sharing through diversity-oriented leadership and strategic internal communication during the COVID-19 outbreak," J. of Knowledge Management, vol. 25, no. 6, 2020, pp. 1526-1549.
  20. J. D. Wall, P. Palvia, and P. B. Lowry, "Control-related motivations and information security policy compliance: The role of autonomy and efficacy," J. of Information Privacy and Security, vol. 9, no. 4, 2013, pp. 52-79. https://doi.org/10.1080/15536548.2013.10845690
  21. I. Hwang, "The influence on the information security techno-stress on security policy resistance through strain: Focusing on the moderation of task technology fit," J. of the Korea Institute of Electronic Communication Sciences, vol. 16, no. 5, 2021, pp. 931-939. https://doi.org/10.13067/JKIECS.2021.16.5.931
  22. I. Hwang, "The effect on the IS psychological empowerment on the mitigation of IS policy resistance through IS role stress: Focusing on the moderation of IS justice climate," J. of the Korea Institute of Electronic Communication Sciences, vol. 17, no. 1, 2022, pp. 1-12.
  23. M. Tarafdar, Q. Tu, B. S. Ragu-Nathan, and T. S. Ragu-Nathan, "The impact of technostress on role stress and productivity," J. of Management Information Systems, vol. 24, no. 1, 2007, pp. 301-328. https://doi.org/10.2753/MIS0742-1222240109
  24. T. S. Ragu-Nathan, M. Tarafdar, B. S. Ragu-Nathan, and Q. Tu, "The consequences of technostress for end users in organizations: Conceptual development and empirical validation," Information Systems Research, vol. 19, no. 4, 2008, pp. 417-433. https://doi.org/10.1287/isre.1070.0165
  25. C. Fernet and S. Austin, Self-determination and job stress. In M. Gagne (Ed.), The Oxford handbook of work engagement, motivation, and self-determination theory (pp. 231-244). New York, NY: Oxford University Press, 2014.
  26. A. H. Olafsen, C. P. Niemiec, H. Halvari, E. L. Deci, and G. C. Williams, "On the dark side of work: A longitudinal analysis using self-determination theory," European J. of Work and Organizational Psychology, vol. 26, no. 2, 2017, pp. 275-285. https://doi.org/10.1080/1359432x.2016.1257611
  27. D. Raufelder, F. Kittler, S. R. Braun, A. Latsch, R. P. Wilkinson, and F. Hoferichter, "The interplay of perceived stress, self-determination and school engagement in adolescence," School Psychology Int., vol. 35, no. 4, 2014, pp. 405-420. https://doi.org/10.1177/0143034313498953
  28. Z. Li, Y. Yang, X. Zhang, and Z. Lv, "Impact of future work self on employee workplace well-being: A self-determination perspective," Frontiers in Psychology, vol. 12, 2021, pp. 2512.
  29. S. Valentine, L. Godkin, and M. Lucero, "Ethical context, organizational commitment, and personorganization fit," J. of Business Ethics, vol. 41, no. 4, 2002, pp. 349-360. https://doi.org/10.1023/A:1021203017316
  30. K. J. Lauver and A. Kristof-Brown, "Distinguishing between employees' perceptions of person-job and person-organization fit," J. of Vocational Behavior, vol. 59, no. 3, 2001, pp. 454-470. https://doi.org/10.1006/jvbe.2001.1807
  31. A. L. Kristof, "Person organization fit: An integrative review of its conceptualizations, measurement, and implications," Personnel Psychology, vol. 49, no. 1, 1996, pp. 1-49. https://doi.org/10.1111/j.1744-6570.1996.tb01790.x
  32. E. A. Saether, "Motivational antecedents to high-tech R&D employees' innovative work behavior: Self-determined motivation, person-organization fit, organization support of creativity, and pay justice," The J. of High Technology Management Research, vol. 30, no. 2, 2019, pp. 100350. https://doi.org/10.1016/j.hitech.2019.100350
  33. A. R. Wheeler, V. C. Gallagher, R. L. Brouer, and C. J. Sablynski, "When person organization (mis) fit and (dis) satisfaction lead to turnover: The moderating role of perceived job mobility," J. of Managerial Psychology, vol. 22, no. 2, 2007, pp. 203-219. https://doi.org/10.1108/02683940710726447
  34. H. Chen and W. Li, "Understanding commitment and apathy in is security extra-role behavior from a person-organization fit perspective," Behaviour & Information Technology, vol. 38, no. 5, 2019, pp. 454-468. https://doi.org/10.1080/0144929X.2018.1539520
  35. I. Indriasari and N. Setyorini, "The impact of work passion on work performance: The moderating role of PO fit and meaningfulness of work," Diponegoro Int. J. of Business, vol. 1, no. 1, 2018, pp. 26-32. https://doi.org/10.14710/dijb.1.1.2018.26-32
  36. J. C. Nunnally, Psychometric theory (2nd ed.). New York: McGraw-Hill, 1978.
  37. C. Fornell and D. F. Larcker, "Evaluating structural equation models with unobservable variables and measurement error," J. of Marketing Research, vol. 18, no. 1, 1981, pp. 39-50. https://doi.org/10.2307/3151312
  38. P. M. Podsakoff, S. B. MacKenzie, J. Lee, and N. P. Podsakoff, "Common method biases in behavioral research: A critical review of the literature and recommended remedies," J. of Applied Psychology, vol. 88, no. 5, 2003, pp. 879-903. https://doi.org/10.1037/0021-9010.88.5.879
  39. A. F. Hayes, Introduction to mediation, moderation, and conditional process analysis: A regression-based approach, Guilford Publications, 2017.