| 1. |
|
|
| 2. |
|
|
| 3. |
- Gerdin, Marcus, 1995-, et al.
(författare)
-
What Goes Around Comes Around : Effects of Unclear Questionnaire Items in Information Security Research
- 2023
-
Ingår i: Human Aspects of Information Security and Assurance. - : Springer. - 9783031385292 - 9783031385322 - 9783031385308 ; , s. 470-481
-
Konferensbidrag (refereegranskat)abstract
- The credibility of research on information system security is challenged by inconsistent results and there is an ongoing discussion about research methodology and its effect on results within the employee non-/compliance to information security policies literature. We add to this discussion by investigating discrepancies between what we cl/aim to measure (theoretical properties of variables) and what we actually measure (respondents’ interpretations of our operationalized variables). The study asks: (1) How well do respondents’ interpretations of variables correspond to their theoretical definitions? (2) What are the characteristics and causes of any discrepancies between variable definitions and respondent interpretations? We report a pilot study including interviews with seven respondents to understand their interpretations of the variable Perceived severity from the Protection Motivation Theory (PMT).We found that respondents’ interpretations differ substantially from the theoretical definitions which introduces error in measurement. There were not only individual differences in interpretations but also, and more importantly, systematic ones; When questions are not well specified, or do not cover respondents’ practice, respondents make interpretations based on their practice. Our results indicate three types of ambiguities, namely (i) Vagueness in part/s of the measurement item causing inconsistencies in interpretation between respondents, (ii) Envision/Interpret ‘new’ properties not related to the theory, (iii) ‘Misses the mark’ measurements whereby respondents misinterpret the fundamentals of the item. The qualitative method used proved conducive to understanding respondents’ thinking, which is a key to improving research instruments.
|
|
| 4. |
- Gerdin, Marcus, 1995-, et al.
(författare)
-
What goes around comes around : an in-depth analysis of how respondents interpret ISP non-/compliance questionnaire items
- 2024
-
Ingår i: Information and Computer Security. - : Emerald Group Publishing Limited. - 2056-4961.
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose: Research on employee non-/compliance to information security policies suffers from inconsistent results and there is an ongoing discussion about the dominating survey research methodology and its potential effect on these results. This study aims to add to this discussion by investigating discrepancies between what the authors claim to measure (theoretical properties of variables) and what they actually measure (respondents' interpretations of the operationalized variables). This study asks: How well do respondents' interpretations of variables correspond to their theoretical definitions? What are the characteristics of any discrepancies between variable definitions and respondent interpretations?Design/methodology/approach: This study is based on in-depth interviews with 17 respondents from the Swedish public sector to understand how they interpret questionnaire measurement items operationalizing the variables Perceived Severity from Protection Motivation Theory and Attitude from Theory of Planned Behavior.Findings: The authors found that respondents' interpretations in many cases differ substantially from the theoretical definitions. Overall, the authors found four principal ways in which respondents interpreted measurement items - referred to as property contextualization, extension, alteration and oscillation - each implying more or less (dis)alignment with the intended theoretical properties of the two variables examined.Originality/value: The qualitative method used proved vital to better understand respondents' interpretations which, in turn, is key for improving self-reporting measurement instruments. To the best of the authors' knowledge, this study is a first step toward understanding how precise and uniform definitions of variables' theoretical properties can be operationalized into effective measurement items.
|
|
| 5. |
- Hedström, Karin, 1967-, et al.
(författare)
-
Availability in Practice
- 2011
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)
|
|
| 6. |
|
|
| 7. |
|
|
| 8. |
- Kajtazi, Miranda, 1983-, et al.
(författare)
-
New Insights Into Understanding Manager’s Intentions to Overlook ISP Violation in Organizations through Escalation of Commitment Factors
- 2015
-
Ingår i: Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015). - Pöymouth : Plymouth University. - 9781841023885
-
Konferensbidrag (refereegranskat)abstract
- This paper addresses managers’ intentions to overlook their employees’ Information Security Policy (ISP) violation, in circumstances when on-going projects have to be completed and delivered even if ISP violation must take place to do so. The motivation is based on the concern that ISP violation can be influenced by escalation of commitment factors. Escalation is a phenomenon that explains how employees in organizations often get involved in nonperforming projects, commonly reflecting the tendency of persistence, when investments of resources have been initiated. We develop a theoretical understanding based on Escalation of Commitment theory that centres on two main factors of noncompliance, namely completion effect and sunk costs. We tested our theoretical concepts in a pilot study, based on qualitative and quantitative data received from 16 respondents from the IT – industry, each representing one respondent from the management level. The results show that while some managers are very strict about not accepting any form of ISP violation in their organization, their beliefs start to change when they realize that such form of violation may occur when their employees are closer to completion of a project. Our in-depth interviews with 3 respondents in the follow-up study, confirm the tension created between compliance with the ISP and the completion of the project. The results indicate that the larger the investments of time, efforts and money in a project, the more the managers consider that violation is acceptable
|
|
| 9. |
|
|
| 10. |
- Karlsson, Fredrik, 1974-, et al.
(författare)
-
Attempts to share information between public sector organisations over time : A case-based exploration of value conflicts
- 2021
-
Ingår i: Information Polity. - : IOS Press. - 1570-1255 .- 1875-8754. ; 26:3, s. 289-310
-
Tidskriftsartikel (refereegranskat)abstract
- Despite the importance of inter-organisational information sharing (IOIS) in the public sector, such endeavours often fail. Existing research has shown that the values held by collaborating organisations are one important factor affecting these kinds of initiatives. However, research has sought only to a limited extent to address how value conflicts come into play over time. Therefore, this paper aims to explore how conflicting values shape an inter-organisational information-sharing practice in the public sector over time. Using the local/global network framework, we analyse four years’ worth of information sharing in an inter-organisational advisory group in the context of Swedish nuclear waste management. We conclude that different value conflicts are emphasised to different extents at different points in time. That is, values do not uniformly affect IOIS activities, and such conflicts over time reduce the set of potential IOIS activities. We also conclude that when IOIS activities are driven by an individual organisation’s values, individual value rational activities may co-exist with a dysfunctional long-term IOIS practice.
|
|
