|
一、中文部份 Jon Clay. (2023). 讓員工成為企業另一道重要的防禦:藉由網路資安意識訓練來對抗勒索病毒. 趨勢科技 Retrieved from https://www.trendmicro.com/zh_tw/research/23/h/cybersecurity-awareness-trainin g-to-fight-ransomware.html Trend Micro. (2023). 預先防範風險:趨勢科技 2023 上半年網路資安報告. 趨勢科技 Retrieved from https://www.trendmicro.com/content/dam/trendmicro/global/zh_tw/security-intelli gence/threat-report/report/2023%20mid-year%20roundup%20full%20report_Final. pdf 國家高速網路與計算中心. (2020). ISMS 資訊安全管理系統. 國家高速網路與計算中心 Retrieved from https://noc.twaren.net/~liangmc/nuk/nsm991/Lesson6.pdf 羅正漢. (2023). 2021 政府機關資安現況揭露,近年三級事件通報人為疏失是主因. IT 之家 Retrieved from https://www.ithome.com.tw/news/148431 國家資通安全研究院. (2023). 政府機關資安威脅與防護重點. 國家資通安全研究院 Retrieved from https://download.nics.nat.gov.tw/UploadFile/attachfilehandout/ 議題二:政府機關資安威脅與防護重點.pdf 台灣電腦網路危機處理暨協調中心. (2023). 調查指出多數公司不夠重視資安,將造成嚴重後果. 台灣電腦網路危機處理暨協調中心 Retrieved from https://www.twcert.org.tw/newepaper/cp-65-7122-cde20-3.html 資安人科技網. (2023). 調查:74%的資料洩露始於人為疏失或社交工程攻擊. 資安人科技網 Retrieved from https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10529
二、英文部份 Amabile, T. M., Conti, R., Coon, H., Lazenby, J., & Herron, M. (1996). Assessing the work environment for creativity. Academy of Management Journal, 39(5), 1154-1184. Argote, L., & Ingram, P. (2000). Knowledge transfer: a basis for competitive advantage in firms. Organizational Behavior and Human Decision Processes, 82(1), 150-169. Appelbaum, S. H., Cottin, J., Paré, R., & Shapiro, B. T. (2006). Employee theft: from behavioural causation and prevention to managerial detection and remedies. Journal of American Academy of Business, 9(2), 175-182. Ali, R. F., Dominic, P. D. D., Ali, S. E. A., Rehman, M., & Sohail, A. (2021). Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences, 11(8), 3383. Alsharif, M., Mishra, S., & Alshehri, M. (2022). Impact of human vulnerabilities on cybersecurity. Computer Systems Science & Engineering, 40(3), 1154-1166. Berlyne, D. E. (1949). Interest as a psychological concept. British Journal of Psychology, 39(4), 184-195. Berlyne, D. E. (1950). Novelty and curiosity as determinants of exploratory behaviour. British Journal of Psychology, 41(1), 68-80. Berlyne, D. E. (1954). A theory of human curiosity. British Journal of Psychology, 45(3), 180-191. Berlyne, D. E. (1960). Conflict, arousal, and curiosity. McGraw-Hill Book Company. Retrieved from https://doi.org/10.1037/11164-000 Berlyne, D. E. (1966). Curiosity and exploration. Science, 153, 25-33. Retrieved from https://doi.org/10.1126/science.153.3731.25 Burke, P. J., & Reitzes, D. C. (1981). The link between identity and role performance. Social Psychology Quarterly, 44(2), 83-92. Barron, F., & Harrington, D. M. (1981). Creativity, intelligence, and personality. Annual Review of Psychology, 32(1), 439-476. Bagchi, K., & Udo, G. (2003). An analysis of the growth of computer and Internet security breaches. Communications of the Association for Information Systems, 12(1), 684-700. Bachrach, D. G., Powell, B. C., Collins, B. J., & Richey, R. G. (2006). Effects of task interdependence on the relationship between helping behavior and group performance. Journal of Applied Psychology, 91(6), 1396-1405. Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523-548. Bolino, M. C., Valcea, S., & Harvey, J. (2010). Employee, manage thyself: the potentially negative implications of expecting employees to behave proactively. Journal of Occupational and Organizational Psychology, 83(2), 325-345. Burris, E. R. (2012). The risks and rewards of speaking up: managerial responses to employee voice. Academy of Management Journal, 55(4), 851-875. Boss, S. R., Galletta, D. F., Lowry, P. B., Moody, G. D., & Polak, P. (2015). What do systems users have to fear? using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly, 39(4), 837-864. Chow, C. W. (1995). The effects of pay schemes and probabilistic management audits on subordinate misrepresentation of private information: an experimental investigation in a resource allocation context. Behavioral Research in Accounting, 7, 1-16. Crant, J. M. (1995). The proactive personality scale and objective job performance among real estate agents. Journal of Applied Psychology, 80(4), 532-537. Chin, W. W. (1998). The partial least squares approach to structural equation modeling. Modern Methods for Business Research, 295(2), 295-336. Crant, J. M. (2000). Proactive behavior in organizations. Journal of Management, 26(3), 435-462. Crant, J. M., & Bateman, T. S. (2000). Charismatic leadership viewed from above: The impact of proactive personality. Journal of Organizational Behavior, 21(1), 63-75. Chen, C. J., Shih, H. A., & Yeh, Y. C. (2011). Individual initiative, skill variety, and creativity: the moderating role of knowledge specificity and creative resources. The International Journal of Human Resource Management, 22(17), 3447-3461. Chen, Y., Ramamurthy, K., & Wen, K. W. (2012). Organizations' information security policy compliance: stick or carrot approach? Journal of Management Information Systems, 29(3), 157-188. Chatterjee, S., Sarker, S., & Valacich, J. S. (2015). The behavioral roots of information systems security: exploring key factors related to unethical IT use. Journal of Management Information Systems, 31(4), 49-87. Cram, W. A., Proudfoot, J. G., & D’arcy, J. (2017). Organizational information security policies: a review and research framework. European Journal of Information Systems, 26(6), 605-641. Cram, W. A., D’arcy, J., & Proudfoot, J. G. (2019). Seeing the forest and the trees: a meta-analysis of the antecedents to information security policy compliance. MIS Quarterly, 43(2), 525-554. Chen, Y., Galletta, D. F., Lowry, P. B., Luo, X., Moody, G. D., & Willison, R. (2021). Understanding inconsistent employee compliance with information security policies through the lens of the extended parallel process model. Information Systems Research, 32(3), 1043-1065. Chen, Y., Xia, W., & Cousins, K. (2022). Voluntary and instrumental information security policy compliance: an integrated view of prosocial motivation, self-regulation and deterrence. Computers & Security, 113(1), 102568. Dutton, J. E., & Ashford, S. J. (1993). Selling issues to top management. Academy of Management Review, 18(3), 397-428. Dyne, L. V., Cummings, L. L., & Parks, J. M. (1995). Extra-role behaviors: in pursuit of construct and definitional clarity (a bridge over muddied waters). Research in Organizational Behavior, 17, 215-285. Dyne, L. V., & LePine, J. A. (1998). Helping and voice extra-role behaviors:evidence of construct and predictive validity. Academy of Management Journal, 41(1),108-119. Dooley, R. S., & Fryxell, G. E. (1999). Attaining decision quality and commitment from dissent: the moderating effects of loyalty and competence in strategic decision-making teams. Academy of Management Journal, 42(4), 389-402. Deci, E. L., & Ryan, R. M. (2000). The "what" and "why" of goal pursuits: human needs and the self-determination of behavior. Psychological Inquiry, 11(4), 227-268. Dyne, L. V., Ang, S., & Botero, I. C. (2003). Conceptualizing employee silence and employee voice as multidimensional constructs. Journal of Management Studies, 40(6), 1359-1392. Detert, J. R., & Burris, E. R. (2007). Leadership behavior and employee voice: is the door really open? Academy of Management Journal, 50(4), 869-884. D’Arcy, J., Hovav, A., & Galletta, D. F. (2009). User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach. Information Systems Research, 20(1), 79-98. Deci, E. L., & Ryan, R. M. (2012). Self-determination theory. Handbook of Theories of Social Psychology, 1(20), 416-436. Etzioni, A. (1975). A comparative analysis of complex organizations: on power, involvement, and their correlates (Rev. and enl. ed). Free Press. Eisenhardt, K. M. (1985). Control: organizational and economic approaches. Management Science, 31(2), 134-149. Esteves, J., Ramalho, E., & De Haro, G. (2017). To improve cybersecurity, think like a hacker. MIT Sloan Management Review. Ernst & Young. (2008). Ernst & Young 2008 global information security survey Retrieved from https://faisaldanka.wordpress.com/2008/10/20/ernst-young-2008-global-information-security-survey/ Ernst & Young. (2010). Borderless security-Ernst and Young’s 2010 global information security survey. Retrieved from https://www.slideshare.net/slideshow/2010-giss-ey/5604353 Ernst & Young. (2020). How does security evolve from bolted on to built-in? EY global information security survey 2020. Retrieved from https://assets.ey.com/content/dam/ey-sites/ey-com/en_gl/topics/advisory/ey-global-information-security-survey-2020-report.pdf Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50. Frese, M., Kring, W., Soose, A., & Zempel, J. (1996). Personal initiative at work: differences between East and West Germany. Academy of Management Journal, 39(1), 37-63. Frese, M., & Fay, D. (2001). 4. Personal initiative: an active performance concept for work in the 21st century. Research in Organizational Behavior, 23, 133-187. Frederickson, J. R., & Waller, W. (2005). Carrot or stick? contract frame and use of decision‐influencing information in a principal‐agent setting. Journal of Accounting Research, 43(5), 709-733. Farmer, S. M., Tierney, P., & Kung-McIntyre, K. (2003). Employee creativity in Taiwan: an application of role identity theory. Academy of Management Journal, 46(5), 618-630. Frank, M., & Kohn, V. (2023). Understanding extra-role security behaviors: an integration of self-determination theory and construal level theory. Computers & Security, 132, 103386. Gibbs, J. P. (1968). Crime, punishment, and deterrence. The Southwestern Social Science Quarterly, 48(4), 515-530. Gilligan, G. (2003). Whistleblowing initiatives-are they merely secrecy games and/or blowing in the wind? The Company Lawyer, 24(2), 38-41. Grant, A. M., & Ashford, S. J. (2008). The dynamics of proactivity at work. Research in Organizational Behavior, 28, 3-34. Goo, J., Yim, M. S., & Kim, D.J. (2014). A path to successful management of employee security compliance: an empirical study of information security climate. IEEE Transactions on Professional Communication, 57(4), 286-308. Guan, B., & Hsu, C. (2022). Investigating employees’ proactive extra-role information security behaviors through security mindfulness. International Conference on Information Systems 2022 Proceedings, 5. Retrieved from https://aisel.aisnet.org/icis2022/security/security/5 Hair, J. F., Black, W. C., Babin, B. J., Anderson, R. E., & Tatham, R. (2006). Multivariate data analysis. (6th ed.). Upper Saddle River, NJ: Pearson Prentice Hall. Herath, T., & Rao, H. R. (2009). Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154-165. Hair, J. F., Ringle, C. M., & Sarstedt, M. (2011). PLS-SEM: indeed a silver bullet. Journal of Marketing theory and Practice, 19(2), 139-152. Hsu, J. S. C., Shih, S. P., Hung, Y. W., & Lowry, P. B. (2015). The role of extra-role behaviors and social controls in information security policy effectiveness. Information Systems Research, 26(2), 282-300. Humaidi, N., & Balakrishnan, V. (2015). Leadership styles and information security compliance behavior: the mediator effect of information security awareness. International Journal of Information and Education Technology, 5(4), 311-318. Hagger, M. S., Hankonen, N., Chatzisarantis, N. L., & Ryan, R. M. (2020). Changing behavior using self-determination theory. The Handbook of Behavior Change, 104-119. Hair, J. F., Hult, G. T. M., Ringle, C. M., Sarstedt, M., Danks, N. P., & Ray, S. (2021). Partial least squares structural equation modeling(PLS-SEM)using R: A workbook. Springer Nature. James, W. (1890). The principles of. Psychology, 2, 94. Johnston, A. C., & Warkentin, M. (2010). Fear appeals and information security behaviors: an empirical study. MIS Quarterly, 34(3), 549-566. Johnston, A. C., Wech, B., & Jack, E. (2013). Engaging remote employees: the moderating role of “remote” status in determining employee information security policy awareness. Journal of Organizational and End User Computing(JOEUC), 25(1), 1-23. Johnston, A. C., Warkentin, M., & Siponen, M. (2015). An enhanced fear appeal rhetorical framework: leveraging threats to the human asset through sanctioning rhetoric. MIS Quarterly, 39(1), 113-134. Jaeger, L., & Eckhardt, A. (2018). When colleagues fail: examining the role of information security awareness on extra-role security behaviors. European Conference on Information Systems, 124. Johnston, A. C., Warkentin, M., Dennis, A. R., & Siponen, M. (2019). Speak their language: designing effective messages to improve employees’ information security decision making. Decision Sciences, 50(2), 245-284. Kolekofski, K. E., & Heminger, A. R. (2003). Beliefs and attitudes affecting intentions to share information in an organizational setting. Information & Management, 40(6), 521-532. Kirsch, L. J. (2004). Deploying common systems globally: the dynamics of control. Information Systems Research, 15(4), 374-395. Kirsch, L. J., & Boss, S. R. (2007). The last line of defense: motivating employees to follow corporate security guidelines. International Conference on Interaction Sciences, Proceedings, 103. Kaplan, S. E., Pope, K. R., & Samuels, J. A. (2010). The effect of social confrontation on individuals’ intentions to internally report fraud. Behavioral Research in Accounting, 22(2), 51–67. Kline, R. B. (2016). Principles and practice of structural equation modeling (4th ed.). Guilford Press. Koohang, A., Nowak, A., Paliszkiewicz, J., & Nord, J. H. (2020). Information security policy compliance: leadership, trust, role values, and awareness. Journal of Computer Information Systems, 60(1), 1-8. Lorange, P., & Morton, M. S. S. (1974). A framework for management control systems. MIT Sloan Management Review, 16(1), 47-56. Loewenstein, G. (1994). The psychology of curiosity: a review and reinterpretation. Psychological Bulletin, 116(1), 75-98. Luft, J. (1994). Bonus and penalty incentives contract choice by employees. Journal of Accounting and Economics, 18(2), 181-206. LePine, J. A., & Dyne, L. V. (1998). Predicting voice behavior in work groups. Journal of Applied Psychology, 83(6), 853-868. Leach, J. (2003). Improving user security behaviour. Computers & Security, 22(8), 685-692. Liang, J., Farh, C. I., & Farh, J. L. (2012). Psychological antecedents of promotive and prohibitive voice: a two-wave examination. Academy of Management Journal, 55(1), 71-92. Lowry, P. B., Moody, G. D., Galletta, D. F., & Vance, A. (2013). The drivers in the use of online whistle-blowing reporting systems. Journal of Management Information Systems, 30(1), 153-190. Lowry, P. B., Posey, C., Bennett, R. B. J., & Roberts, T. L. (2015). Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: an empirical study of the influence of counterfactual reasoning and organisational trust. Information Systems Journal, 25(3), 193-273. McDougall, W. (1921). An introduction to social psychology (14th ed). John W Luce & Company Maddux, J. E., & Rogers, R. W. (1983). Protection motivation and self-efficacy: a revised theory of fear appeals and attitude change. Journal of Experimental Social Psychology, 19(5), 469-479. Miceli, M. P., & Near, J. P. (1992). Blowing the whistle: the organizational and legal implications for companies and employees. Lexington Books. MacKenzie, S. B., Podsakoff, P. M., & Ahearne, M. (1998). Some possible antecedents and consequences of in-role and extra-role salesperson performance. Journal of Marketing, 62(3), 87-98. Morrison, E. W., & Phelps, C. C. (1999). Taking charge at work: extra role efforts to initiate workplace change. Academy of Management Journal, 42(4), 403-419. Miron, E., Erez, M., & Naveh, E. (2004). Do personal characteristics and cultural values that promote innovation, quality, and efficiency compete or complement each other? Journal of Organizational Behavior, 25(2), 175-199. Moller, A. C., Ryan, R. M., & Deci, E. L. (2006). Self-determination theory and public policy: improving the quality of consumer decisions without using coercion. Journal of Public Policy & Marketing, 25(1), 104-116. Morrison, E. W. (2011). Employee voice behavior: integration and directions for future research. Academy of Management Annals, 5(1), 373-412. Menard, P., Bott, G. J., & Crossler, R. E. (2017). User motivations in protecting information security: protection motivation theory versus self-determination theory. Journal of Management Information Systems, 34(4), 1203-1230. Near, J. P., & Miceli, M. P. (1985). Organizational dissidence: the case of whistle-blowing. Journal of Business Ethics, 4(1), 1-16. Nemeth, C. J., & Staw, B. M. (1989). The tradeoffs of social control and innovation in groups and organizations. Advances in Experimental Social Psychology, 22, 175-210. Nemeth, C. J. (1997). Managing innovation: when less is more. California Management Review, 40(1), 59-74. NCSAM. (2021). Cybersecurity awareness Month 2021 results report. Retrieved from https://staysafeonline.org/wp-content/uploads/2022/06/Cybersecurity-Awareness-Month-2021-Results-Report.pdf Nead, N. (2021). How to prevent a data breach in your company. Retrieved from https://www.forbes.com/sites/forbesbusinesscouncil/2021/07/30/how-to-prevent-a-data-breach-in-your-company/ Ouchi, W. G. (1978). The transmission of control through organizational hierarchy. The Academy of Management Journal, 21(2), 173-192. Ouchi, W. G. (1979). A conceptual framework for the design of organizational control mechanisms. Management Science, 25(9), 833-848. Ouchi, W. G. (1980). Markets, bureaucracies, and clans. Administrative Science Quarterly, 25(1), 129-141. Organ, D. W. (1988). Organizational citizenship behavior: the good soldier syndrome. Lexington books. O’Reilly, C. (1989). Corporations, culture, and commitment: motivation and social control in organizations. California Management Review, 31(4), 9-25. Organ, D. W., & Ryan, K. (1995). A meta‐analytic review of attitudinal and dispositional predictors of organizational citizenship behavior. Personnel Psychology, 48(4), 775-802. Oldham, G. R., & Cummings, A. (1996). Employee creativity: personal and contextual factors at work. Academy of Management Journal, 39(3), 607-634. Oliver, D. (2003). Whistle-blowing engineer. Journal of Professional Issues in Engineering Education and Practice, 129(4), 246-256. Ogbanufe, O. (2021). Enhancing end-user roles in information security: exploring the setting, situation, and identity. Computers & Security, 108, 102340. Ogbanufe, O., & Ge, L. (2023). A comparative evaluation of behavioral security motives: protection, intrinsic, and identity motivations. Computers & Security, 128, 103136. Perrucci, R., Anderson, R. M., Schendel, D. E., & Trachtman, L. E. (1980). Whistle-blowing: professionals' resistance to organizational authority. Social Problems, 28(2), 149-164. Podsakoff, P. M., & Organ, D. W. (1986). Self-reports in organizational research: problems and prospects. Journal of Management, 12(4), 531-544. Podsakoff, P. M., MacKenzie, S. B., Moorman, R. H., & Fetter, R. (1990). Transformational leader behaviors and their effects on followers' trust in leader, satisfaction, and organizational citizenship behaviors. The Leadership Quarterly, 1(2), 107-142. Premeaux, S. F., & Bedeian, A. G. (2003). Breaking the silence: the moderating effects of self‐monitoring in predicting speaking up in the workplace. Journal of Management Studies, 40(6), 1537-1562. Puhakainen, P. (2006). A design theory for information security awareness. Parker, S. K., Williams, H. M., & Turner, N. (2006). Modeling the antecedents of proactive behavior at work. Journal of Applied Psychology, 91(3), 636-652. Puhakainen, P., & Siponen, M. (2010). Improving employees' compliance through information systems security training: an action research study. MIS Quarterly, 34(4), 757-778. Parker, S. K., & Collins, C. G. (2010). Taking stock: integrating and differentiating multiple proactive behaviors. Journal of Management, 36(3), 633-662. Posey, C., Roberts, T. L., Lowry, P. B., Bennett, R. J., & Courtney, J. F. (2013). Insiders' protection of organizational information assets: development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors. MIS Quarterly, 37(4), 1189-1210. Pwc. (2014). 2014 Information Security Breaches Survey Technical Report. Retrieved from https://www.pwc.co.uk/assets/pdf/cyber-security-2014-technical-report.pdf Pwc. (2018). The Global State of Information Security Survey 2018. Retrieved from https://www.pwc.com/sg/en/publications/assets/gsiss-2018.pdf Parker, S. K., Wang, Y., & Liao, J. (2019). When is proactivity wise? a review of factors that influence the individual outcomes of proactive behavior. Annual Review of Organizational Psychology and Organizational Behavior, 6(1), 221-248. Privacyrights. (2021). Data breaches. Retrieved from https://www.privacyrights.org/data-breaches Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change1. The Journal of Psychology, 91(1), 93-114. Reio, T. G. (2012). The need for curiosity-driven scholarship in the field of human resource development. Human Resource Development Quarterly, 23(3), 281-284 Ryan, R. M., & Deci, E. L. (2017). Self-determination theory: basic Psychological needs in motivation, development, and wellness. Guilford publications. Spielberger, C. D., & Starr, L. M. (2012). Curiosity and exploratory behavior. motivation: theory and research, 221. Straub, D. W., & Welke, R. J. (1998). Coping with systems risk: security planning models for management decision making. MIS Quarterly, 22(4), 441-469. Sheldon, K. M., & Kasser, T. (1998). Pursuing personal goals: skills enable progress, but not all progress is beneficial. Personality and Social Psychology Bulletin, 24(12), 1319-1331. Seibert, S., Crant, J. M., & Kraimer, M. L. (1999). Proactive personality and career success. Journal of Applied Psychology, 84(3), 416-427. Stryker, S., & Burke, P. J. (2000). The past, present, and future of an identity theory. Social Psychology Quarterly, 63(4), 284-297. Stamper, C. L., & Dyne, L. V. (2001). Work status and organizational citizenship behavior: a field study of restaurant employees. Journal of Organizational Behavior, 22(5), 517-536. Siponen, M., Pahnila, S., & Mahmood, A. (2007). Employees’ adherence to information security policies: an empirical study. International Federation for Information Processing-Publications-Ifip, 232, 133-144. Siponen, M., & Vance, A. (2010). Neutralization: new insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487-502. Siponen, M., Pahnila, S., & Mahmood, M. A. (2010). Compliance with information security policies: an empirical investigation. Computer, 43(2), 64-71. Schweizerische, S. N. V. (2013). Information technology-security techniques-information security management systems-requirements. ISO/IEC International Standards Organization. Sommestad, T., Hallberg, J., Lundholm, K., & Bengtsson, J. (2014). Variables influencing information security policy compliance: a systematic review of quantitative studies. Information Management & Computer Security, 22(1), 42-75. Sommestad, T., Karlzén, H., & Hallberg, J. (2015). A meta-analysis of studies on protection motivation theory and information security behaviour. International Journal of Information Security and Privacy(IJISP), 9(1), 26-46. Safa, N. S., Sookhak, M., Solms, R.V., Furnell, S., Ghani, N.A., & Herawan, T. (2015). Information security conscious care behaviour formation in organizations. Computers & Security, 53, 65-78. Sonnentag, S., & Starzyk, A. (2015). Perceived prosocial impact, perceived situational constraints, and proactive work behavior: Looking at two distinct affective pathways. Journal of Organizational Behavior, 36(6), 806-824. Tyler, T. R. (2004). Promoting employee policy adherence and rule following in work settings-the value of self-regulatory approaches. Brooklyn Law Review, 70(4), 1287. Thompson, J. A. (2005). Proactive personality and job performance: a social capital perspective. Journal of Applied Psychology, 90(5), 1011-1017. Tyler, T. R., & Blader, S. L. (2005). Can businesses effectively regulate employee conduct? the antecedents of rule following in work settings. Academy of Management Journal, 48(6), 1143-1158. Tangirala, S., & Ramanujam, R. (2008). Exploring nonlinearity in employee voice: the effects of personal control and organizational identification. Academy of Management Journal, 51(6), 1189-1203. Tabachnick, B. G., & Fidell, L. S. (2013). Using Multivariate Statistics (6th ed.). Boston, MA: Pearson. Tsohou, A., & Holtkamp, P. (2018). Are users competent to comply with information security policies? an analysis of professional competence models. Information Technology & People, 31(5), 1047-1068. Trang, S., & Nastjuk, I. (2021). Examining the role of stress and information security policy design in information security compliance behaviour: an experimental study of in-task behaviour. Computers & Security, 104, 102222. Turel, O., Xu, Z., & Guo, K. (2020). Organizational citizenship behavior regarding security: leadership approach perspective. Journal of Computer Information Systems, 60(1), 61-75. Woodman, R. W., Sawyer, J. E., & Griffin, R. W. (1993). Toward a theory of organizational creativity. Academy of Management Review, 18(2), 293-321. Willison, R., & Warkentin, M. (2013). Beyond deterrence: an expanded view of employee computer abuse. MIS Quarterly, 37(1), 1-20. Wu, A. Y., Hanus, B., Xue, B., & Mahto, R. V. (2023). Information security ignorance: an exploration of the concept and its antecedents. Information & Management, 60(2), 103753. Wang, D. D., Durcikova, A., & Dennis, A. R. (2023). Security is local: the influence of the immediate workgroup on information security. Journal of the Association for Information Systems, 24(4), 1052-1101. Yen, H. R., Li, E. Y., & Niehoff, B. P. (2008). Do organizational citizenship behaviors lead to information system success?: testing the mediation effects of integration climate and project management. Information & Management, 45(6), 394-402. Yin, Y., Hsu, C., & Zhou, Z. (2023). Employees' in-role and extra-role information security behaviors from the PE fit perspective. Computers & Security, 133, 103390. Zhou, J., & George, J. M. (2001). When job dissatisfaction leads to creativity: encouraging the expression of voice. Academy of Management Journal, 44(4), 682-696.
|