• It has been widely known that employees pose insider threats to the information and technology resources of an organization. In this paper, we develop a model to explain insiders' intentional violation of the requirements of an information security policy. We propose sunk cost as a mediating factor. We test our research model on data collected from three information-intensive organizations in banking and pharmaceutical industries (n=502). Our results show that sunk cost acts as a mediator between the proposed antecedents of sunk cost (i.e., completion effect and goal in congruency) and intentions to violate the ISP. We discuss the implications of our results for developing theory and for re-designing current security agendas that could help improve compliance behavior in the future. ()
  • HICSS ()
  • 1 ()
is ?:cites of
  • 2016-06-24 ()
  • 10.1109/HICSS.2014.393 ()
  • 3177 ()
  • 1 ()
  • en ()
  • 2014-01-01 ()
  • IEEE Computer Society ()
  • 21034 ()
  • 28 ()
  • 3169 ()
  • Assessing Sunk Cost Effect on Employees' Intentions to Violate Information Security Policies in Organizations ()


expand all