Two instruments of Information security deviant behavior (ISDB) are proposed and tested, including a four-item instrument of resource misuse (ISDB that is related to the misuse of information systems resources) and a three-item instrument of security carelessness (ISDB that is related to the employees' omissive activities when using computers or handling data). A rigorous instrument development process which includes three surveys and addresses six crucial measurement properties (content analysis, factorial validity, reliability, convergent validity, discriminant validity, and nomological validity) is adopted.
| Construct | Cites | Category | Questions given? | Content validity | Pretests | Response type | Notes |
|---|---|---|---|---|---|---|---|
| Resource misuse | NEW | Information security deviant behavior | yes | 4 stages of validation with 3 surveys | multiple pilots | seven-point Likert scales ranging from "strongly disagree" to "strongly agree" | |
| Security carelessness | NEW | Information security deviant behavior | yes | 4 stages of validation with 3 surveys | multiple pilots | seven-point Likert scales ranging from "strongly disagree" to "strongly agree" | |
| Implicit knowledge sharing | Bock et al., 2005 | yes | no | none | unclear | ||
| Software piracy | Kwan et al., 2010 | yes | no | none | unclear | ||
| Nonwork-related computing | Lee et al., 2007 | yes | no | none | unclear | ||
| Helping behaviour | Colquitt, 2001 | yes | no | none | unclear | ||
| Security policy | D'Arcy et al., 2009 | yes | no | none | unclear | ||
| Security awareness program | D'Arcy, 2007 | yes | no | none | unclear |
Amanda MY Chu and Patrick YK Chau. Development and validation of instruments of information security deviant behavior. Decision Support Systems, 66:93–101, 2014.
@article{chu_development_2014,
author = {Chu, Amanda MY and Chau, Patrick YK},
journal = {Decision Support Systems},
pages = {93--101},
title = {Development and Validation of Instruments of Information Security Deviant Behavior},
volume = {66},
year = {2014}
}