금융회사 정보보안정책의 위반에 영향을 주는 요인 연구 : 지각된 고객정보 민감도에 따른 조절효과A Study on the Factors for Violation of Information Security Policy in Financial Companies : Moderating Effects of Perceived Customer Information Sensitivity
- Other Titles
- A Study on the Factors for Violation of Information Security Policy in Financial Companies : Moderating Effects of Perceived Customer Information Sensitivity
- Authors
- 이정하; 이상용
- Issue Date
- Dec-2015
- Publisher
- 한국데이타베이스학회
- Keywords
- Information Security Management; Information Security Compliance; Information Security Policy; Information Privacy
- Citation
- Journal of Information Technology Applications & Management, v.22, no.4, pp 225 - 251
- Pages
- 27
- Indexed
- KCI
- Journal Title
- Journal of Information Technology Applications & Management
- Volume
- 22
- Number
- 4
- Start Page
- 225
- End Page
- 251
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/24762
- ISSN
- 1598-6284
- Abstract
- This paper analyzed factors for employees to violate information security policy in financial companies based on the theory of reasoned action (TRA), general deterrence theory (GDT), and information security awareness and moderating effects of perceived sensitivity of customer information. Using the 376 samples that were collected through both online and offline surveys, statistical tests were performed. We found that the perceived severity of sanction and information security policy support to information policy violation attitude and subjective norm but the perceived certainty of sanction and general information security awareness support to only subjective norm. Also, the moderating effects of perceived sensitivity of customer information against information policy violation attitude and subjective norm were supported. Academic implications of this study are expected to be the basis for future research on information security policy violations of financial companies; Employees’ perceived sanctions and information security policy awareness have an impact on the subjective norm significantly. Practical implications are that it can provide a guide to establish information security management strategies for information security compliance; when implementing information security awareness training for employees to deter violations by emphasizing the sensitivity of customer information, a company should make their employees recognize that the customer information is very sensitive data.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 경영대학 > 서울 경영학부 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.