Peer monitoring refers to when peers, voluntarily, noticing and responding to others’ violations of organizational information security policies (ISP). This study explores how peer monitoring reduces employee ISP violations (or facilitates their compliance). Drawing upon theories in management, we propose that, peer monitoring discourages one to violate the ISP. Moreover, trust plays an important role. Not only does it facilitate peer monitoring, but also it moderates the effect of peer monitoring on employee ISP violations. Otherwise, collective responsibility leads to peer monitoring as well. The proposed research model is validated using data gathered via two waves of survey two weeks apart with 254 employees in the United States. We measured the dependent variable, one’s intention to violate the ISP, with four scenarios in the second wave, while all other constructs in the first wave. The results suggest that peer monitoring decreases one’s intention to violate the ISP. Furthermore, both collective responsibility and trust contribute to peer monitoring. Finally, trust amplifies the effect of peer monitoring on employee intention to violate the ISP. We discuss the theoretical contributions and practical implications.
When: Friday, February 28, 1-2:00pm
Where: CDM Theater 708
Who: Adel Yazdanmehr, Assistant Professor, Baruch College, The City University of New York
Now the colloquium talks are live-streamed and available on YouTube!
Speaker bio: Adel Yazdanmehr is an Assistant Professor of Information Systems at Baruch College, The City University of New York. He received his PhD in Management Information Systems from The University of Texas at Arlington, MS in Business Analytics from the University of Texas at Dallas, MBA from Mazandaran University of Science and Technology, and BS in Software Engineering from the University of Isfahan. His current research interests are mainly in the behavioral aspect of information assurance and Identity theft. His work has appeared in Information Systems Journal, Decision Support Systems journal as well as International Conference on Information Systems, and Dewald Roode Workshop on Information Systems Security Research (IFIP).