| Construct |
Types |
| A vision for change |
Strategy implementation |
| Accountability |
Information security management |
| Action Control |
|
| Actual compliance |
Compliance |
| Actual misuse |
Misuse |
| Affect |
Triandis, Affect |
| Affilliation |
|
| Agile Business Strategy |
|
| Agreeableness |
Big Five, Person |
| Altruism |
|
| Anonymity |
|
| Anticipated Extrinsic Rewards |
Anticipated Rewards, Rewards |
| Anticipated Reciprocal Relationships |
Anticipated Rewards, Rewards |
| Anticipated pay increase/promotion |
rewards to KS, Anticipated Rewards |
| Anticipated reciprocal relationship |
Anticipated Rewards, Rewards |
| Anticipated recognition |
Anticipated Rewards, Rewards |
| Anticipated usefulness |
Anticipated Rewards, Rewards |
| Anxiety |
|
| Apathy |
|
| Appeal to higher loyalties |
Neutralization |
| Attachment |
Social control theory, Social bond |
| Attachment to co-workers |
Social bond |
| Attachment to immediate supervisor |
Social bond |
| Attachment to job |
Social bond |
| Attachment to organization |
Social bond |
| Attitude Toward Ethical Behavior |
theory of planned behavior |
| Attitude Toward NMSV |
theory of planned behavior |
| Attitude toward ISSP compliance |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| Attitude toward knowledge sharing |
theory of planned behavior |
| Attitude toward misuse |
Misuse, theory of planned behavior |
| Attitude toward security policy |
policy, theory of planned behavior |
| Attitude towards KS |
theory of planned behavior |
| Attitude towards compliance |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| Attitude towards compliance with ISOP |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| Attitude towards software piracy |
piracy, theory of planned behavior |
| Attitudes toward knowledge sharing |
theory of planned behavior |
| Attitudes towards Computers |
theory of planned behavior |
| Attitudes towards a Store |
theory of planned behavior |
| Attitudes towards behavior |
theory of planned behavior |
| Availability |
System |
| Awareness |
|
| Barratt Impulsiveness Scale |
|
| Behavioural intention |
Intent |
| Behavoral intention to share knowledge |
Knowledge sharing, intentions and attitudes |
| Belief |
Social bond |
| Belief in legal system |
Social bond |
| Benefits of Knowledge Sharing |
|
| Bias |
|
| Business partner pressure |
Coercive pressure |
| Buyer Product Development Performance |
|
| Capability development |
Information Security Culture Assessment (ISCA), Information Security Culture Assessment |
| Career usefulness |
|
| Centralization |
Organizational structure |
| Centralization of Decisions |
Organizational structure |
| Certainty |
Formal Sanctions, Informal Sanctions |
| Certainty of shame for oneself |
|
| Change |
Organizational structure |
| Change management |
Information Security Culture Assessment (ISCA) |
| Character traits |
|
| Choice Dilemmas |
|
| Co-worker behaviour |
Informal control |
| Co-worker congruence |
|
| Codification |
|
| Cohesion |
|
| Collaboration |
Collaboration |
| Collaborative Tool Usage |
Collaboration |
| Collaborative behaviors |
Collaboration |
| Collective esteem |
|
| Commitment to Education |
Social bond |
| Communication |
Information Security Culture Assessment (ISCA), Social interaction, organizational culture, Information Security Culture Assessment |
| Communication & Personality |
organizational culture |
| Communication Frequency. |
organizational culture |
| Communication channel |
organizational culture |
| Community Loyalty |
|
| Community identification |
|
| Community leader |
|
| Community-related outcome expectations |
|
| Compatibility |
|
| Competence |
|
| Complexity |
Work Environment |
| Computer Playfulness |
|
| Computer deindividuation |
|
| Computer monitoring |
|
| Computer self-efficacy |
self-efficacy |
| Condemnation of the condemners |
Neutralization |
| Confidentiality |
Information security management |
| Conflict |
Social Environment |
| Conscientiousness |
Big Five, Person |
| Conservation |
|
| Consideration for Future Consequences |
consequence |
| Consistency |
Organization culture |
| Content-based trust |
Trust |
| Controllability |
|
| Conventional reasoning |
|
| Cooperative climate |
Organizational climate |
| Cooperativeness |
Organization culture |
| Coopersmith self-esteem inventory |
|
| Coping intentions |
|
| Costs of Knowledge Hoarding |
Cost |
| Costs of Knowledge Sharing |
Cost |
| Cultural knowledge capability |
Organizational knowledge capability |
| Current Compliance |
Compliance |
| Data Quality Management Practices |
|
| Data Security |
|
| Defense of necessity |
Neutralization |
| Defining Issues Test |
|
| Degree of Freedom |
Personal Environment |
| Delinquent Behavior |
|
| Denial of injury |
Neutralization |
| Denial of responsibility |
Neutralization |
| Depend on parents |
Social bond |
| Descriptive norm |
social influence |
| Deterrent efforts |
|
| Deterrent severity |
|
| Digital Literacy |
|
| Direct Shopping Experience |
Experience |
| Distributive justice |
|
| Domain-Specific Risk-Taking (DOSPERT) |
|
| Domain-Specific Risk-Taking Scale |
|
| EKR Usage |
|
| Ease of Use |
|
| Economy-based trust |
Trust |
| Effectiveness |
Organization culture |
| Ego Strength |
|
| Elasticity of intertemporal substitution |
|
| Electronic Health Records security |
|
| Email use |
|
| Employee commitment |
|
| Encouragement by Others |
|
| Enjoyment in Helping Others |
|
| Environment |
Information Security Culture Framework |
| Ethical Attitudes |
|
| Ethical Behavior Intention |
|
| Ethical Egoism |
|
| Ethical climate |
|
| Evaluation |
|
| Evolutionary Risk Scale |
|
| Expected Associations |
|
| Expected Contribution |
|
| Expected Rewards |
Anticipated Rewards, Rewards |
| Expected reciprocal benefit |
|
| Expected relationships |
|
| Experience of Threat |
Experience |
| Experience towards Mobile Phone Usage |
Experience |
| Exposure to security practices |
Normative pressure |
| Expressive use |
|
| Extent of Coordination |
|
| External influence |
|
| Extra-unit knowledge |
|
| Extraversion |
Big Five |
| Extrinsic reward |
Social enabler, Rewards, Environment |
| Extrinsic rewards |
Social enabler, Rewards, Environment |
| Facebook Intensity (FBI) Index |
|
| Facil. conditions |
|
| Facilitating conditions |
|
| Fairness |
|
| Fashion |
|
| Financial Performance |
|
| Formal Socialization Mechanisms |
|
| Formal integrative mechanisms |
|
| Formal systems |
Organizational structure |
| Formalism |
Organizational structure |
| Frequency of EIS use |
|
| Friendship |
|
| General Decision-Making Style |
|
| General Information Security Awareness |
awareness |
| General precautions |
|
| General risk appetite |
|
| Generalized Trust |
Trust |
| Governance |
Information Security Culture Assessment (ISCA), Information Security Culture Assessment |
| Government regulation |
Coercive pressure |
| Group commitment |
|
| Habits |
|
| Hacker screen concern |
|
| Hacker screen realism |
|
| Headquarters-subsidiary decentralization |
Organizational structure |
| Helping behaviour |
|
| Hierarchy |
Organizational structure |
| Horizontal coordination |
Organizational structure |
| Human knowledge capability |
Organizational knowledge capability |
| IPC (Awareness) |
awareness |
| IPC (Collection) |
|
| IPC (Control) |
|
| IPC (Errors) |
|
| IPC (Improper Access) |
|
| IPC (Secondary Usage) |
|
| IS misuse intention 1 |
Intention |
| IS misuse intention 2 |
Intention |
| ISOP compliance behavioural intentions |
Intention, theory of planned behavior, compliance |
| ISP Clarity |
ISP Quality |
| ISP Completeness |
ISP Quality |
| ISP Consistency |
ISP Quality |
| ISP Fairness |
ISP Quality |
| ISSP Violation intention |
Intention |
| ISSP compliance behavioral intentions |
Intention, theory of planned behavior, compliance |
| IT capabilities |
|
| IT-skill level |
|
| IUP compliance intention |
Intention, theory of planned behavior, compliance |
| IUP compliance intention |
Compliance |
| Identification |
|
| Identification-based trust |
Trust |
| Image |
|
| Impact |
|
| Implicit knowledge sharing |
|
| Impression Management |
|
| Incentive focus |
Incentive |
| Incident reporting |
|
| Induction control |
Intention to abuse |
| Informal Socialization Mechanisms |
|
| Informal coordination |
|
| Information Literacy |
|
| Information Security Ownerships |
|
| Information Security Policy Awareness |
awareness |
| Information Security Policy Enforcements |
|
| Information Security Policy Provision |
|
| Information Security Training |
|
| Information System Knowledge |
|
| Information asset management |
Information Security Culture Assessment (ISCA) |
| Information handling |
|
| Information quality |
Infrastructure & processes |
| Information security awareness |
awareness |
| Information security collaboration |
Social bond/involvement, Collaboration |
| Information security experience |
Social bond/involvement, Experience |
| Information security intervention |
Social bond/involvement |
| Information security knowledge sharing |
Social bond/involvement |
| Information security leadership |
Information Security Culture Assessment (ISCA) |
| Information security management |
Information Security Culture Assessment (ISCA) |
| Information security policy |
Information Security Culture Assessment (ISCA) |
| Information security policy fairness |
ISP Quality |
| Information security policy quality |
ISP Quality |
| Information security programme |
Information Security Culture Assessment (ISCA) |
| Information security risk reduction expectation |
|
| Information security technologies |
Information security control resources |
| Information security threats |
|
| Information-based trust |
Trust |
| Informational justice |
|
| Innovative climate |
Organizational climate |
| Innovativeness |
Organization culture |
| Insiders’ abuse |
Computer abuse |
| Instrumental use |
|
| Instrumentality |
|
| Integrity |
Information security management |
| Intention |
Intention |
| Intention to comply |
Intention, theory of planned behavior, compliance |
| Intention to misuse |
Intention, Behavioral Intention |
| Intention to share knowledge |
Knowledge sharing, intentions and attitudes |
| Intention to use |
Intention |
| Intentions to encourage knowledge sharing |
Intention |
| Inter-personal influence |
|
| Interaction frequency |
|
| Interdependency |
|
| Internalization of EIS use |
Internalization |
| Internet privacy concerns |
Risk beliefs |
| Internet trust |
Confidence and enticement, Trust |
| Internet use |
|
| Internet users' information privacy concerns |
Risk beliefs |
| Internet users' information privacy concerns (IUIPC) |
|
| Interpersonal justice |
|
| Interunit Competition |
|
| Intraorganizational (or Interunit) Knowledge Sharing |
|
| Intrinsic Benefit |
|
| Intrinsic Cost |
Cost |
| Intrinsic KS motivation |
motivation |
| Intrinsic reward |
Social enabler, Rewards, Environment |
| Intrinsic rewards |
Social enabler, Rewards, Environment |
| Invaders’ abuse |
Computer abuse |
| Invasion of Privacy |
|
| Involvement |
Social control theory, Social bond |
| Involvement In Information Security |
|
| Involvement in Organisations |
Social bond |
| Job Insecurity |
|
| Job Satisfaction |
|
| Job Security |
Personal Environment |
| Job autonomy |
Environment |
| KM resources/technology |
|
| KMS quality |
Technical enabler |
| Know-how transfer |
|
| Knowledge |
|
| Knowledge Flow |
Knowledge Flow |
| Knowledge Sharing |
knowledge management |
| Knowledge complexity |
|
| Knowledge flows |
Knowledge Flow |
| Knowledge quality |
|
| Knowledge regarding the response |
|
| Knowledge self-efficacy |
self-efficacy |
| Knowledge sharing behavior |
Knowledge sharing |
| Knowledge sharing intention |
Knowledge sharing, intentions and attitudes |
| Knowledge sharing self-efficacy |
self-efficacy |
| Knowledge-sharing behaviour |
|
| Lateral socialization mechanisms |
|
| Leader evaluation |
|
| Leadership and Governance |
Organizational structure |
| Learning capacity |
|
| Learning from Failure |
Organizational climate |
| Learning orientation |
|
| Level of IT Usage |
|
| Level of IT support |
|
| Level of reward |
Rewards |
| Level of trust |
Trust |
| Local knowledge |
|
| Locus of Control |
Social control |
| Long-term consequences |
consequence |
| Loss of Knowledge Power |
|
| Low Self-Control |
Individual Propensity |
| Machiavellianism |
|
| Malware warning screen concern |
|
| Malware warning screen realism |
|
| Management of information security |
Information Security Culture Assessment (ISCA), Information Security Culture Assessment |
| Management support |
|
| Mandatoriness |
|
| Members’ motivation |
motivation |
| Metaphor of the ledger |
Neutralization |
| Mimetic pressure |
|
| Mobile computing |
|
| Moral Disengagement |
|
| Moral Judgement |
|
| Moral Obligation |
|
| Moral beliefs |
Individual Moral Beliefs |
| Moral maturity |
|
| NEO-FFI |
|
| NMSV Intention |
|
| Near-term and long-term consequences |
consequence |
| Near-term consequences: complexity |
consequence |
| Need for Cognition |
|
| Negative Affectivity |
|
| Negative Experience |
Experience |
| Neuroticism |
Big Five |
| Neutralization |
|
| News |
Social Environment |
| Nonwork-related computing |
|
| Norm of reciprocity |
|
| Normative beliefs |
Social pressure, social influence, theory of planned behavior, Informal control |
| Norms |
Social control theory |
| Norms for Knowledge Sharing |
|
| Open leadership climate |
Organizational climate |
| Open-mindedness |
Big Five |
| Openess to experience |
Big Five, Person |
| Openness in Communication |
|
| Openness to change |
|
| Openness to experience |
Big Five, Person |
| Opportunistic behavior |
|
| Organisational commitment |
Social bond, relational capital, Social control theory, Person |
| Organization |
Information Security Culture Framework |
| Organizational Care |
|
| Organizational Ethical Climate |
|
| Organizational Knowledge Sharing |
|
| Organizational Reward |
Rewards |
| Organizational commitment |
Social bond, relational capital, Social control theory, Person |
| Organizational identification |
|
| Organizational information security culture |
|
| Organizational knowledge capability |
Organizational knowledge capability |
| Organizational support of KS |
|
| Others' Use |
|
| Outcome Expectations |
|
| Outcome satisfaction |
|
| Overload |
Work Environment |
| Pace of Change |
|
| Participation |
|
| Participative decision-making |
|
| Password management |
|
| Peer Behavior |
Social pressure |
| Peer behaviour |
Social pressure |
| People |
Information Security Culture Framework |
| Perceive Usefulness |
|
| Perceived Celerity of Sanctions |
Perceived Deterrence |
| Perceived Certainty of Sanctions |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| Perceived Cost of Noncompliance |
Compliance, Cost |
| Perceived Internet privacy risk |
Risk beliefs |
| Perceived Security Risk of NMSV |
|
| Perceived Security Threats |
|
| Perceived Security Vulnerabilities |
|
| Perceived Size |
|
| Perceived Value congruence |
|
| Perceived availability |
|
| Perceived behavioral control |
theory of planned behavior |
| Perceived behavioural control to knowledge sharing |
|
| Perceived benefit of compliance |
compliance |
| Perceived benefits of non-compliance |
Compliance |
| Perceived certainty |
Formal control |
| Perceived compatibility |
|
| Perceived confidentiality |
|
| Perceived consequences |
consequence, Consequences |
| Perceived cost of non-compliance |
Compliance, Cost |
| Perceived ease of use |
|
| Perceived effectiveness |
Intrinsic motivation |
| Perceived enjoyment |
|
| Perceived extrinsic benefits |
Rational Choice Calculus |
| Perceived formal Risk |
Rational Choice Calculus |
| Perceived goal orientation |
|
| Perceived identity match |
|
| Perceived individual cost of compliance |
Compliance, Cost |
| Perceived individual cost of non-compliance |
Compliance, Cost |
| Perceived informal risk |
Rational Choice Calculus |
| Perceived information security Climate |
|
| Perceived intrinsic benefits |
Rational Choice Calculus |
| Perceived justice of punishment |
|
| Perceived legitimacy |
|
| Perceived non-repudiation |
|
| Perceived organizational benefit of compliance |
Compliance |
| Perceived organizational cost of compliance |
Compliance, Cost |
| Perceived organizational cost of non-compliance |
Compliance, Cost |
| Perceived organizational support |
|
| Perceived probability of security breach |
protection motivation |
| Perceived risk of Shame |
Rational Choice Calculus |
| Perceived rule orientation |
|
| Perceived security risk |
|
| Perceived security risk of malware |
|
| Perceived security risks from Internet breaches |
|
| Perceived severity of incident |
Formal control |
| Perceived severity of sanctions |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| Perceived severity of security breach |
protection motivation |
| Perceived support |
Environment |
| Perceived threat |
|
| Perceived top management participation |
|
| Perceived usefulness |
|
| Perceived vulnerability |
|
| Perception |
|
| Perception of Piracy Issue |
|
| Performance accountability |
Information Security Culture Assessment (ISCA), Information Security Culture Assessment |
| Performance management |
Information Security Culture Assessment (ISCA), Information Security Culture Assessment |
| Performance orientation |
Infrastructure & processes |
| Personal Innovativeness in the Domain of Information Technology |
|
| Personal Internet interest |
Confidence and enticement |
| Personal Normative Beliefs |
|
| Personal outcome expectations |
|
| Physical security system |
General deterrence theory |
| Possibility |
|
| Postconventional reasoning |
|
| Power |
|
| Preconventional reasoning |
|
| Presenteeism |
|
| Pressure of competing values |
|
| Prevention Cost |
Cost |
| Preventive efforts |
|
| Preventive security software |
|
| Privacy Concerns Scale |
|
| Privacy Invasion |
Personal Environment |
| Privacy Preference Scale |
|
| Privacy behavior: General Caution |
|
| Privacy behavior: Technical Protection |
|
| Privacy perception |
Information Security Culture Assessment (ISCA) |
| Pro-Sharing Norms |
|
| Procedural justice |
|
| Product usefulness |
|
| Prosocial Motives |
|
| Prosocial behavior |
Aggressive and Prosocial Behavior |
| Public use |
|
| Qualified security personnel |
Information security control resources |
| Quality |
System |
| Ratings of Focal Subsidiary Capabilities |
|
| Received task interdependence |
|
| Reciprocity |
relational capital |
| Rejection of universal moral principles in favor of relativism |
|
| Relative Advantage for Job Performance |
|
| Reliability |
|
| Reputation |
individual motivations, Perceived consequences |
| Reputation building |
|
| Resource availability |
|
| Resource misuse |
Information security deviant behavior |
| Resource fitness |
|
| Response cost |
Cost |
| Response efficacy |
protection motivation, Fear appeals |
| Reward |
|
| Reward systems |
Rewards |
| Rewards |
|
| Rewards and Incentives |
Incentive, Rewards |
| Risk Acceptance |
|
| Risk Aversion |
|
| Risk Beliefs |
|
| Risk Perception |
|
| Risk analysis |
Internal security needs assessment |
| Role Ambiguity |
|
| Role breadth self-efficacy |
Person, self-efficacy |
| Rule compliance |
Compliance |
| SETA programs |
|
| Safety of Resources |
|
| Safety/security |
|
| Sanction severity |
Sanctions |
| Satisfaction |
|
| Satisfaction with change processes |
Strategy implementation |
| Satisfaction with knowledge sharing |
|
| Satisfaction with the information content of the EIS |
Affect |
| Secondary Sources' Influence |
|
| Security |
awareness |
| Security Behavior Intentions Scale |
|
| Security Management and Operations |
|
| Security Programme Management |
|
| Security Self-Efficacy |
self-efficacy |
| Security assessment |
|
| Security awareness |
General deterrence theory, awareness |
| Security awareness of organizational users |
Information security control resources, awareness |
| Security awareness program |
awareness |
| Security carelessness |
Information security deviant behavior |
| Security communication |
|
| Security compliance intention |
Intention, theory of planned behavior, compliance |
| Security culture |
|
| Security investment among partners |
Normative pressure |
| Security investment rationale |
Internal security needs assessment |
| Security policies |
General deterrence theory |
| Security policy |
General deterrence theory |
| Security, Training and Awareness Programs |
|
| Security-related stress |
|
| Self defense |
Intention to abuse |
| Self-Efficacy to Comply |
theory of planned behavior, self-efficacy |
| Self-Efficacy |
Social control, Fear appeals, self-efficacy |
| Self-Set Goal Level |
|
| Self-efficacy |
Social control, Fear appeals, self-efficacy |
| Sense of Self-Worth |
|
| Severity |
Formal Sanctions, Informal Sanctions |
| Severity of shame for oneself |
|
| Shared Values |
|
| Shared goals |
|
| Shared language |
|
| Shared vision |
|
| Sharing materials |
|
| Shopping Enjoyment |
|
| Smartphone Risk Attitudes |
|
| Social |
|
| Social Desirability Scale |
|
| Social Interaction |
Perceived consequences |
| Social desirability |
|
| Social factor |
Triandis |
| Social factors |
Triandis |
| Social influence |
|
| Social interaction culture |
|
| Social interaction ties |
|
| Social network |
|
| Social networking |
|
| Social norm |
|
| Social trust |
Trust |
| Socially desirable response set |
|
| Software piracy |
|
| Source competency |
|
| Source dynamism |
|
| Source trustworthiness |
Trust |
| Specification |
|
| Store Trustworthiness |
Trust |
| Strain |
|
| Strategic Investment Rationale |
|
| Strategic Relatedness |
|
| Strategy |
Information Security Culture Framework |
| Structural knowledge capability |
Organizational knowledge capability |
| Subjective norm about knowledge sharing |
|
| Subjective norms |
theory of planned behavior |
| Subjective norms about knowledge sharing |
|
| Subjective omission of security |
|
| Subsidiary Performance |
|
| Subsidiary autonomy |
|
| Subsidiary knowledge level |
|
| Supplier Product Development Outcomes |
|
| Support |
|
| System Usability Scale |
|
| Tacitness of Knowledge |
|
| Technical knowledge capability |
Organizational knowledge capability |
| Technology |
Information Security Culture Framework |
| Technology Protection and Operations |
|
| Theft |
delinquency |
| Threat appraisal |
protection motivation |
| Threat severity |
|
| Threat susceptibility |
|
| Times spent on knowledge sharing |
|
| Top Management |
|
| Top Management Championship |
|
| Top management commitment to security |
|
| Top management support |
|
| Training and Awareness Programs |
awareness |
| Training and awareness |
Information Security Culture Assessment (ISCA), awareness |
| Training types |
|
| Trust |
Social enabler, Social interaction, Information Security Culture Assessment (ISCA), Trust |
| Trust Toward Their Colleagues |
|
| Trusting Beliefs |
Trust |
| Uncertainty |
Work Environment |
| Unit differences |
|
| Usage |
Triandis |
| Usage Intentions |
Intention |
| Use |
Triandis |
| Use of External Expertise |
|
| Usefulness |
Perceived consequences |
| User Security Management |
|
| User management |
Information Security Culture Assessment (ISCA) |
| Utilitarianism |
|
| Utilization |
|
| Value priorities |
|
| Value-monistic/non-contextualised compliance |
|
| Value-pluralistic/contextualised compliance |
|
| Vertical socialization mechanisms |
|
| Violent crime |
delinquency |
| Visibility |
|
| Vulnerability |
|
| Vulnerability of Resources |
|
| Web Assimilation |
|
| Web-Shopping Risk Attitudes |
|
| Web-Use Skills |
|
| Well-Articulated Decision Making Practices |
|
| Westin Index |
|
| Westin Privacy segmentation |
|
| Westin/Harris segmentation index |
|
| Willingness to Buy |
|
| Willingness to Gamble Lifetime Income |
|
| Willingness to disclose items of personal data |
|
| Willingness to provide personal information PPIT to transact on the Internet |
Willingness to act |
| Work Experience |
Experience |
| Work Home Conflict |
|
| Work Impediment |
|
| Work Overload |
Work Environment |
| Work group influence |
Social factors |
| abuse by insiders |
Misuse |
| applied security knowledge |
|
| attitude |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| attitude toward KS |
|
| attitude toward software piracy |
piracy, theory of planned behavior |
| attitude towards information security policy and procedures |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| attitude towards issp compliance |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| attitude towards non-malicious security violation |
Misuse, theory of planned behavior |
| behavior regarding information security policy and procedures |
HAIS-Q, Intent |
| behavioral intent |
Intent |
| behavioral intent the self |
Intent |
| behavioral intention |
Intention, theory of planned behavior, compliance |
| beliefs about the purpose and value of different digital-security behaviors |
Social bond |
| certainty of detection |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| collective mind |
|
| commitment |
Social bond, relational capital, Social control theory, Person |
| communication climate |
organizational culture |
| compensation |
|
| competition |
|
| compliance |
Compliance |
| compliance intention |
Intention, theory of planned behavior, compliance |
| compliant information security behavior |
Compliance |
| computer monitoring within their organizations |
|
| computer security knowledge |
|
| concern for information privacy |
Risk beliefs |
| conformity |
|
| consequences of behaviour |
consequence |
| coordination |
Social interaction |
| cost |
Cost |
| crime opportunity |
Opportunity |
| cultural values |
|
| decision making |
|
| detection certainty |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| detection probability |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| detection probability |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| deterrences |
Compliance, Cost |
| digital and physical security advice sources |
|
| disclosing personal information |
|
| effectiveness of security awareness themes |
awareness |
| efficiency motivation |
motivation |
| effort-based learning |
|
| email and Internet usage |
|
| employees’ compliance with the information security policy |
Compliance |
| enjoy helping others |
|
| enjoyment of helping (altruism) |
individual motivations, motivation |
| environmental dynamism |
|
| ethical ideology |
|
| ethical orientation |
|
| exchange ideology |
|
| formal sanction |
Rational Choice Calculus |
| formalization |
Organizational structure |
| guilt and restitution |
Self-Sanctions for Transgressive Behavior |
| horizontal and vertical knowledge inflows |
Knowledge flow |
| hostile rumination |
Affective and Cognitive Aspects of Aggression |
| hypothetical compliance |
Intention, theory of planned behavior, compliance |
| idealism |
|
| importance and utility of digital and physical security advice |
|
| importance of InfoSec policies |
|
| induction control intention |
Intention, Behavioral Intention |
| informal sanction |
Rational Choice Calculus |
| information privacy concerns |
Risk beliefs |
| information security contravention |
Misuse |
| information security culture |
|
| information sensitivity |
|
| information sources |
|
| information system security policy compliance behavioral intentions |
Intention, theory of planned behavior, compliance |
| infosec violation intention |
Intention, Behavioral Intention |
| integration |
Organizational structure |
| intention to KS |
Knowledge sharing, intentions and attitudes |
| intention to commit violation |
Intention, Behavioral Intention |
| intention to comply with the information security policy |
Intention, theory of planned behavior, compliance |
| intention to violate information security policies |
Intention |
| intention to violate is security policy |
Intention, Behavioral Intention |
| internalization |
Internalization |
| internet use policy compliance intention |
Intention, theory of planned behavior, compliance |
| irascibility |
Affective and Cognitive Aspects of Aggression |
| is misuse intention |
Intention, Behavioral Intention |
| knowledge acquisition |
knowledge management |
| knowledge application |
knowledge management |
| knowledge collecting |
knowledge management |
| knowledge creation |
knowledge management |
| knowledge documentation |
knowledge management |
| knowledge donating |
knowledge management |
| knowledge inflows from peer subsidiaries |
Knowledge Flow |
| knowledge inflows from the parent corporation |
Knowledge Flow |
| knowledge management climate |
|
| knowledge of information security policy and procedures |
HAIS-Q |
| knowledge out-flows to peer subsidiaries |
Knowledge Flow |
| knowledge out-flows to the parent corporation |
Knowledge Flow |
| knowledge sharing culture |
|
| knowledge sharing in a small/large-group |
|
| knowledge sharing level |
|
| knowledge transfer |
knowledge management |
| latent punishment |
|
| level of assistance |
Affect |
| managerial ethical profile |
|
| misuse intention |
Intention, Behavioral Intention |
| mobile phone usage |
|
| moral commitment |
Individual Moral Beliefs |
| moral reasoning |
|
| motivations of reputation |
motivation |
| need of IT security training |
|
| network ties |
|
| non-malicious security violation intention |
Intention, Behavioral Intention |
| norms (inverse) |
Individual Moral Beliefs |
| online privacy concern |
Risk beliefs |
| online privacy concerns |
Risk beliefs |
| openness |
Big Five |
| organizational norms |
|
| organizational participation |
|
| parent attachment |
Social bond |
| peer attachment |
Social bond |
| peer-behavior |
social influence |
| penalties |
|
| perceived benefits |
|
| perceived certainty of sanctions |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| perceived cost of compliance |
Cost |
| perceived cost of compliance |
Cost |
| perceived deterrent severity |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| perceived individual benefit of compliance |
compliance |
| perceived level of competence |
|
| perceived punishment certainty |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| perceived punishment severity |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| perceived relative advantage |
|
| perceived response cost |
Fear appeals, Cost |
| perceived risks |
|
| perceived sanctions |
Compliance, Cost |
| perceived sanctions |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| perceived security protection mechanisms |
protection motivation, Fear appeals |
| perceived severity |
Formal control |
| perception of current security threats |
|
| perception of necessary skills |
|
| perceptions of Snowden and his actions |
|
| perceptions of the certainty |
|
| perceptions of threat severity |
Fear appeals |
| performance appraisal |
|
| personal norms |
Compliance, theory of planned behavior, Social bond, HAIS-Q |
| personal security measures |
|
| physical and verbal aggression |
Aggressive and Prosocial Behavior |
| policy compliance intentions |
Intention, theory of planned behavior, compliance |
| principles of InfoSec policies |
|
| privacy attitudes |
|
| privacy concern |
|
| privacy concern about online practices |
Risk beliefs |
| privacy concern information abuse |
|
| privacy concern information finding |
|
| punishment certainty |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| punishment certainty |
theory of planned behavior |
| punishment expectancy perceived deterrent certainty |
deterrence, Perceived Deterrence, Penalty, theory of planned behavior |
| punishment severity |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| relative advantage of job performance |
Cost |
| religiosity |
|
| reporting security incidents |
|
| reward incentive |
Incentive, Rewards |
| rules of InfoSec policies |
|
| sanction certainty |
Sanctions |
| sanctions |
Compliance, Cost |
| security breach concern level |
protection motivation |
| security policy attitude |
policy, theory of planned behavior |
| security policy compliance intention |
Intention, theory of planned behavior, compliance |
| security risks |
|
| seeking and providing knowledge |
|
| self-consciousness |
|
| self-control |
theory of planned behavior |
| self-rated expertise |
|
| sensation-seeking |
|
| service quality instrument |
|
| severity of organizational sanctions for engaging in IS misuse |
|
| severity of penalty |
deterrence, Penalty, theory of planned behavior, Perceived Deterrence |
| social conformity |
Social pressure, social influence, theory of planned behavior, Informal control |
| social desirability bias |
|
| social norms |
|
| social relationship |
|
| software cost |
theory of planned behavior, Cost |
| software piracy intention |
theory of planned behavior |
| software security contravention |
Misuse |
| source credibility |
|
| sources of knowledge acquisition |
|
| strategic context |
|
| subjective norm |
Social pressure, social influence, theory of planned behavior, Informal control |
| team performance |
|
| technical security knowledge |
|
| technology adoption |
|
| threat vulnerability |
Fear appeals |
| time preference |
|
| training |
|
| transactive memory system |
|
| user perceived service quality of web portals |
|
| user satisfaction with the quality of the system's access mechanisms |
Affect |
| users’ awareness of security policies |
|
| utilitarian vs formalist |
|
| web-use skills index |
|
| workgroup norm |
Social pressure, social influence, theory of planned behavior, Informal control |