The downsides of information systems security policy compliance efforts : toward a Theory of Unintended Reversed Security Action and Productivity (TURSAP).

Access rights
Worldwide access.
Access changed 8/16/21.
Journal Title
Journal ISSN
Volume Title

Modern organizations face significant information security violations from inside the organizations to which they respond with various managerial techniques. It is widely believed in IS security literature that enforcing IS security policy compliance on employees through various means is the solution for security effectiveness. Nevertheless, this dissertation challenges that notion and advances a stream of research that suggests increasing security measures may lead to decrease in user productivity, increased user mistrust toward the IT department, increased user frustration, increased user technology avoidance, increased non-malicious volitional security violations and overall may lead to increased security risk, instead of decreasing it. This dissertation explores the how and why of these mechanisms and suggests what to do about this phenomenon. Following a grounded theory methodology, this dissertation develops the Theory of Unintended Reversed Security Action and Productivity (TURSAP), the first of its kind in exploring the downsides of IS security measures.

Information systems security. Productivity. Policy compliance. Security risk. Information systems theory. Downsides of IS security measures.