The Experts below are selected from a list of 90 Experts worldwide ranked by ideXlab platform
Izak Benbasat - One of the best experts on this subject based on the ideXlab platform.
-
Information security policy compliance: An empirical study of rationality-based Beliefs and information security awareness
MIS Quarterly, 2010Co-Authors: Burcu Bulgurcu, Hasan Cavusoglu, Izak BenbasatAbstract:Many organizations recognize that their employees, who are often considered the weakest link in information security, can also be great assets in the effort to reduce risk related to information security. Since employees who comply with the information security rules and regulations of the organization are the key to strengthening information security, understanding compliance behavior is crucial for organizations that want to leverage their human capital. This research identifies the antecedents of employee compliance with the information security policy (ISP) of an organization. Specifically, we investigate the rationality- based factors that drive an employee to comply with requirements of the ISP with regard to protecting the organization’s information and technology resources. Drawing on the theory of planned behavior, we posit that, along with Normative Belief and self-efficacy, an employee’s attitude toward compliance determines intention to comply with the ISP. As a key contribution, we posit that an employee’s attitude is influenced by benefit of compliance, cost of compliance, and cost of noncompliance, which are Beliefs about the overall assessment of consequences of compliance or noncom- pliance. We then postulate that these Beliefs are shaped by the employee’s outcome Beliefs concerning the events that follow compliance or noncompliance: benefit of compliance is shaped by intrinsic benefit, safety of resources, and rewards, while cost of compliance is shaped by work impediment; and cost of noncompliance is shaped by intrinsic cost, vulnerability of resources, and sanctions. We also investigate the impact of information security awareness (ISA) on outcome Beliefs and an employee’s attitude toward compliance with the ISP. Our results show that an employee’s intention to comply with the ISP is significantly influenced by attitude, Normative Beliefs, and self-efficacy to comply. Outcome Beliefs significantly affect Beliefs about overall assessment of consequences, and they, in turn, significantly affect an employee’s attitude. Furthermore, ISA positively affects both attitude and outcome Beliefs. As the importance of employees’ following their organizations’ information security rules and regulations increases, our study sheds light on the role of ISA and compliance-related Beliefs in an organization’s efforts to encourage compliance.
Fw Hafferty - One of the best experts on this subject based on the ideXlab platform.
-
More than a list of values and desired behaviors: a foundational understanding of medical professionalism. Wynia MK1, Papadakis MA, Sullivan WM, Hafferty FW.
Academic medicine, 2014Co-Authors: Mk Wynia, Wm Sullivan, Maxine A Papadakis, Fw HaffertyAbstract:The term "professionalism" has been used in a variety of ways. In 2012, the American Board of Medical Specialties (ABMS) Standing Committee on Ethics and Professionalism undertook to develop an operational definition of professionalism that would speak to the variety of certification and maintenance-of-certification activities undertaken by ABMS and its 24 member boards. In the course of this work, the authors reviewed prior definitions of professions and professionalism and found them to be largely descriptive, or built around lists of proposed professional attributes, values, and behaviors. The authors argue that while making lists of desirable professional characteristics is necessary and useful for teaching and assessment, it is not, by itself, sufficient either to fully define professionalism or to capture its social functions. Thus, the authors sought to extend earlier work by articulating a definition that explains professionalism as the motivating force for an occupational group to come together and create, publicly profess, and develop reliable mechanisms to enforce shared promises-all with the purpose of ensuring that practitioners are worthy of patients' and the public's trust.Using this framework, the authors argue that medical professionalism is a Normative Belief system about how best to organize and deliver health care. Believing in professionalism means accepting the premise that health professionals must come together to continually define, debate, declare, distribute, and enforce the shared competency standards and ethical values that govern their work. The authors identify three key implications of this new definition for individual clinicians and their professional organizations.
Burcu Bulgurcu - One of the best experts on this subject based on the ideXlab platform.
-
Information security policy compliance: An empirical study of rationality-based Beliefs and information security awareness
MIS Quarterly, 2010Co-Authors: Burcu Bulgurcu, Hasan Cavusoglu, Izak BenbasatAbstract:Many organizations recognize that their employees, who are often considered the weakest link in information security, can also be great assets in the effort to reduce risk related to information security. Since employees who comply with the information security rules and regulations of the organization are the key to strengthening information security, understanding compliance behavior is crucial for organizations that want to leverage their human capital. This research identifies the antecedents of employee compliance with the information security policy (ISP) of an organization. Specifically, we investigate the rationality- based factors that drive an employee to comply with requirements of the ISP with regard to protecting the organization’s information and technology resources. Drawing on the theory of planned behavior, we posit that, along with Normative Belief and self-efficacy, an employee’s attitude toward compliance determines intention to comply with the ISP. As a key contribution, we posit that an employee’s attitude is influenced by benefit of compliance, cost of compliance, and cost of noncompliance, which are Beliefs about the overall assessment of consequences of compliance or noncom- pliance. We then postulate that these Beliefs are shaped by the employee’s outcome Beliefs concerning the events that follow compliance or noncompliance: benefit of compliance is shaped by intrinsic benefit, safety of resources, and rewards, while cost of compliance is shaped by work impediment; and cost of noncompliance is shaped by intrinsic cost, vulnerability of resources, and sanctions. We also investigate the impact of information security awareness (ISA) on outcome Beliefs and an employee’s attitude toward compliance with the ISP. Our results show that an employee’s intention to comply with the ISP is significantly influenced by attitude, Normative Beliefs, and self-efficacy to comply. Outcome Beliefs significantly affect Beliefs about overall assessment of consequences, and they, in turn, significantly affect an employee’s attitude. Furthermore, ISA positively affects both attitude and outcome Beliefs. As the importance of employees’ following their organizations’ information security rules and regulations increases, our study sheds light on the role of ISA and compliance-related Beliefs in an organization’s efforts to encourage compliance.
Mk Wynia - One of the best experts on this subject based on the ideXlab platform.
-
More than a list of values and desired behaviors: a foundational understanding of medical professionalism. Wynia MK1, Papadakis MA, Sullivan WM, Hafferty FW.
Academic medicine, 2014Co-Authors: Mk Wynia, Wm Sullivan, Maxine A Papadakis, Fw HaffertyAbstract:The term "professionalism" has been used in a variety of ways. In 2012, the American Board of Medical Specialties (ABMS) Standing Committee on Ethics and Professionalism undertook to develop an operational definition of professionalism that would speak to the variety of certification and maintenance-of-certification activities undertaken by ABMS and its 24 member boards. In the course of this work, the authors reviewed prior definitions of professions and professionalism and found them to be largely descriptive, or built around lists of proposed professional attributes, values, and behaviors. The authors argue that while making lists of desirable professional characteristics is necessary and useful for teaching and assessment, it is not, by itself, sufficient either to fully define professionalism or to capture its social functions. Thus, the authors sought to extend earlier work by articulating a definition that explains professionalism as the motivating force for an occupational group to come together and create, publicly profess, and develop reliable mechanisms to enforce shared promises-all with the purpose of ensuring that practitioners are worthy of patients' and the public's trust.Using this framework, the authors argue that medical professionalism is a Normative Belief system about how best to organize and deliver health care. Believing in professionalism means accepting the premise that health professionals must come together to continually define, debate, declare, distribute, and enforce the shared competency standards and ethical values that govern their work. The authors identify three key implications of this new definition for individual clinicians and their professional organizations.
Hasan Cavusoglu - One of the best experts on this subject based on the ideXlab platform.
-
Information security policy compliance: An empirical study of rationality-based Beliefs and information security awareness
MIS Quarterly, 2010Co-Authors: Burcu Bulgurcu, Hasan Cavusoglu, Izak BenbasatAbstract:Many organizations recognize that their employees, who are often considered the weakest link in information security, can also be great assets in the effort to reduce risk related to information security. Since employees who comply with the information security rules and regulations of the organization are the key to strengthening information security, understanding compliance behavior is crucial for organizations that want to leverage their human capital. This research identifies the antecedents of employee compliance with the information security policy (ISP) of an organization. Specifically, we investigate the rationality- based factors that drive an employee to comply with requirements of the ISP with regard to protecting the organization’s information and technology resources. Drawing on the theory of planned behavior, we posit that, along with Normative Belief and self-efficacy, an employee’s attitude toward compliance determines intention to comply with the ISP. As a key contribution, we posit that an employee’s attitude is influenced by benefit of compliance, cost of compliance, and cost of noncompliance, which are Beliefs about the overall assessment of consequences of compliance or noncom- pliance. We then postulate that these Beliefs are shaped by the employee’s outcome Beliefs concerning the events that follow compliance or noncompliance: benefit of compliance is shaped by intrinsic benefit, safety of resources, and rewards, while cost of compliance is shaped by work impediment; and cost of noncompliance is shaped by intrinsic cost, vulnerability of resources, and sanctions. We also investigate the impact of information security awareness (ISA) on outcome Beliefs and an employee’s attitude toward compliance with the ISP. Our results show that an employee’s intention to comply with the ISP is significantly influenced by attitude, Normative Beliefs, and self-efficacy to comply. Outcome Beliefs significantly affect Beliefs about overall assessment of consequences, and they, in turn, significantly affect an employee’s attitude. Furthermore, ISA positively affects both attitude and outcome Beliefs. As the importance of employees’ following their organizations’ information security rules and regulations increases, our study sheds light on the role of ISA and compliance-related Beliefs in an organization’s efforts to encourage compliance.
