• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.49-57
• /
• 2021

This paper aims to confirm the effect of self-control and organization-control on information security attitude. The research method is composed of a cross-design of locus of control and tightness culture. The measurement variables used in the assessment are information security actual attitude, compliace behavioral attitude, and information security efficacy. As a result, the locus of control had a significant effect on information security actual attitude, information security efficacy, information security efficacy, and it was found that influence of the internal-based condition was greater than the external-based condition. The tightness culture had a significant effect on compliace behavioral attitude, information security efficacy, and it was found that influence of the tight culture-based condition was greater than the loose culture-based condition. In addition, the discussion contatins the implications of information security direction that reflect these research results.

• Korean Journal of Culture and Social Issue
• /
• v.11 no.1
• /
• pp.25-42
• /
• 2005

The present research examined the proposition that once people violate traffic regulations, they would experience cognitive dissonance and subsequently engage in changing their attitudes toward the law negatively in order to reduce the dissonance. In an experiment, participants were presented with three scenarios in which a person violated traffic laws, and they were asked to imagine themselves as the person of the scenarios and write statements supporting the unlawful behaviors. Participants' attitudes toward the general traffic law and the regulations related to the violations were measured 8 weeks before and right after the experimental treatment. The results, as expected, showed that their attitudes toward the general traffic law and the specific regulations in the scenarios changed negatively after writing the statements. In each secnarios, the participants who chose to wrote statements supporting the unlawful behaviors showed great attitude changes that those who did not write the statements. Furthermore, attitudes toward the regulations that were not directly related to the scenarios did not change significantly, and participants who were expected to experience stronger dissonance arousal (e.g.., supported more unlawful behaviors or had have more positive attitudes toward the law before the experiment) showed greater attitude changes. These results support the effects of trivial unlawful behaviors on attitudes toward the law and strongly suggest the role of cognitive dissonance underlying the effects.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.69-84
• /
• 2018

This study examines antecedents of the intention of compliance with information security policies based on Ajzen's Theory of Planned Behavior. The study conducted the following: Verification of casual relations between role of management and protection motivation and the antecedents of planned behavior as parameters to determine the effect on the intention of compliance with information security policy, and comparative analysis between the research model and a competition model. The result of the study disclosed that, in the research model, attitude and subjective norm took an intermediary role on management beliefs, response efficacy, response cost, self-efficacy, and compliance intention, and perceived behavior control on management beliefs, self-efficacy and compliance intention.

• The Journal of Korean Association of Computer Education
• /
• v.23 no.1
• /
• pp.63-75
• /
• 2020

From the perspective of compliance with security policies by members of the organization, which is a major cause of security incidents, this study presented biased thinking as factors that affect compliance with security policies and verified the following: First, the impact of biased thinking on security policies on compliance with security policies is verified. Second, the participation of management, perceived risk, education and punishment of management will verify the adjustment effect of increasing or decreasing biased thinking. Finally, we have verified that compliance attitudes have a significant impact on compliance behavior. To this end, 157 people were surveyed, statistical analysis of research models and structural equations, and conformity analysis were conducted. Studies have shown that biased thinking has a negative effect on the attitude of compliance with information security. In addition, it was analyzed that the attitude of compliance with information security policy increases policy compliance behavior. On the other hand, the higher the perceived risk of information security, the lower the bias was the adjustment effect, but management's participation, education and punishment were found to have no adjustment effect.

• Journal of Digital Convergence
• /
• v.18 no.11
• /
• pp.169-176
• /
• 2020

With widespread use of information technologies the importance of information security has been heightened. Security policies which deal with fundamental direction of information security are critical elements of information security management. Numerous studies have been conducted on users' intention to comply security policies. They were based on various theoretical foundations and the theory of planned behavior(TPB) was the most frequently used. This research employed one of the quantitatively synthesizing meta-analytic techniques called Two-Stage Structural Equation Modeling to investigate factors influencing information security policy compliance behavior based on TPB. Analysis results indicated that all three factors of TPB were significantly influencing the behavioral intention. Moreover, the overall fit indices of structural model exhibited satisfactory level.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.31-46
• /
• 2012

Drawing upon Griffin and Neal's safety climate and performance model, this study developed an information security climate model. Research model is composed of three research variables that include information security climate, information security compliance attitude, and opportunistic security behavior. Results of the study strongly support the fundamental proposition that the organizational security climate has significant positive influence on the individual's opportunistic security behavior. However, the study also reveals that the organizational climate may not directly associate with the reduction of opportunistic security behavior. Rather the organizational security climate nurtures the favorable attitude of the employee towards the compliance of information security, which in turn discourages opportunistic security behavior.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.57-68
• /
• 2022

As the importance and awareness of security have recently expanded, companies and governments are making continuous efforts and investments for security management. However, there are still many security threats in the organization, especially security incidents caused by internal staff. Therefore, it is very important for members to comply with security policies for organizational security management. Therefore, this study classified industrial security management into technical security, physical security, and managerial security, and applied the theory of planned behavior to investigate the impact relationship on the intention to comply with security policies. SPSS 25 and AMOS 25 were used for statistical analysis, and the study found that technical security had a positive(+) effect on subjective norms, physical security had a positive(+) effect on perceived behavior control, and attitude and perceived behavior control had a positive(+) effect on security policy compliance intention.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.113-120
• /
• 2022

Despite the limitations of existing security policies due to technological development, companies are unable to actively respond to changes by maintaining a closed security policy. This study classified information security policy into three types: regulatory type policy, advisory type policy, and informative type policy. For each classified policy type, the effect on the information security policy compliance behavior of organizational members was investigated by applying the extended theory of planned behavior, and the moderating effect of information security stress was investigated. SmartPLS 2.0 and SPSS 21.0, which are structural equation modeling techniques, were used to analyze the relationship affecting each factor. As a result of the study, regulatory type, advisory type, and informative type security policies affected organizational members' information security policy compliance behavior, and security stress had an effect on information security compliance attitudes and subjective norms on information security, which are prerequisites for planned behavior theory. gave. This study suggests that various types of corporate information security policies can be applied and that security stress can affect information security behaviors of members.

• Journal of Navigation and Port Research
• /
• v.40 no.4
• /
• pp.213-222
• /
• 2016

Recently, as cases of organizations' information disclosure occur continuously, it is urgent to manage security of information and establish measures to enhance security of information by an organization itself. Especially, members of an organization should be prepared with measures for information security, and an organization should do its efforts to raise its members' awareness toward information security. I set a research model to verify what effects an organization's fulfillment of regulations to secure information brings to performance of information security and selected members from maritime and port organizations and financial and insurance institutes as sample. Results of the analysis to identify factors affecting information security performance among members of maritime and port organizations are as follows. Firstly, I found that the factors affecting information security awareness are information security attitude and information security standards. Secondly, the factor giving influence on information security policy of an organization was found to be information security standards. In contrast, information security punishments and information security training were verified not to give influence on compliance of information security policy. Thirdly, information security awareness was identified to give significant influence on compliance of information security policy, information security competence and information security behavior. Fourthly, compliance of information security policy was verified to be those factors that give influence on information security competence and information security behavior. Lastly, information security competence and information security behavior were found to be such factors that give influence on information security performance.

• Journal of Korean Society of Transportation
• /
• v.18 no.6
• /
• pp.101-110
• /
• 2000

본 논문의 목적은 우리들의 현실적 노면표지 형태가 그 강도, 종류 및 출현빈도 측면에서 드러내는 지속적 증대 내지 강화 경향성을 문제점으로 제기하면서, 이런 노면표지 형태와 운전행동 간의 관련성에 대한 심리학적 제반 이론들을 고찰해보고 아울러 여기서 상호 연관적 특성을 밝혀주는 하나의 적절한 모델을 개발해보고자 하는 데에 두었다 이 모델에서는 운전자의 사고예방이나 안전운행이 곡 필요한 수준의 노면표지 자극화(stimulation)를 통해 조성된 쾌적한 교통환경에서 보다 용이하게 가능하다는 점이 전제되고 있다. 우리가 인간행동을 총체적으로나 효과적으로 분석하는 데 있어서는 일반심리적이거나 행동주의적 제반 이론 관점이 다소 미흡하다는 점이 지적되었다. 반면에 보다 거시적이고 종합적인 통찰에 중점을 두고있는 형태주의 심리학이나 장 이론적 시각은 행동분석 시에 비교적 결실적인 것으로 밝혀졌다 노면표지 자극의 양상여하가 운전자에게 스트레스, 정보과부담, 과도한 심리적 각성상태 등으로 인해 부정적인 영향을 미친다는 점에서는 이런 문제점이 환경심리학적 고찰측면에서도 관심의 대상이 되고 있다. \"노면표지 조성화 양 관점 모델\"에서 시사되고 는 터이지만. 이 모델에서의 노면표지 형태가 이론적인 면에서 \"정서-인지적\" 인간관에 근거를 두고있어 궁극적으로 이것이 옳다면, 그것은 곡 필요한 최소한의 수준에 머물러야 한다는 것이다. 올바른 운전행동, 다시 말해 교통법규 준수 행동은 노면표지 양상 측면의 각종 자극적 강화대책보다도 오히려 실효성 있는 교통교육, 확실한 적발 단속과 엄중한 처벌대책에 상대적으로 훨씬 더 큰 비중을 두고있는, 바로 그런 운전자의 의식개혁을 통해 비로소 제대로 정착될 수 있기 때문이다. 이 모델의 타당성 여부는 후속적 실증연구를 통해 해명되어질 수 있을 것이다.