Tag: information security policy

2nd publication exmained

Note: This is not a full review but rather a quicker analysis to see if this publication is suitable enough for the assignment

Publication title:

User acceptance of information technology: system characteristics, user perceptions and behavioral impacts

https://deepblue.lib.umich.edu/bitstream/handle/2027.42/30954/0000626.pdf?sequence=1&isAllowed=y

Authors 

Fred D. Davis

Fred D. Davis published this paper at University of Michigan which is a fairly high ranking university for this field of study. Research on him shows he has done further work in his field.

From the abstract i got the following information very easily:

What is the research topic?

Factors affecting user acceptance of information systems (IS)

What did the authors do?

Examined previous literature and studies about the subject, formed a theory and produced models which were then tested against a real group of people in an organization to form conclusions.

 

What they discovered

Perceived usefulness was almost 50% more influential than ease of use in determining user acceptance of new IS

IE people adopted an IS if they thought it would lead to some sort of gain or benefit

Designers who focus on ease of use should potentially focus more on usefulness of a system.

 

Read the introduction to get the big picture of the area of research, note any words that you don’t understand and look them up. Try to identify from the introduction what ‘research question(s)’ was that the authors were hoping to answer.

There wasn’t any words in the introduction that most people would have to research.

It’s very clear what they’re going to be looking at at in the intro and these are the questions i’ve gathered:

 

Read the conclusion. If this is well written it will be another summary of the paper (a bit like the abstract) but it will focus more on the results and what they seem to mean.

the conclusion is well written and draws from the findings of the research and survey results.

 

Advertisements

Potential publication to analyze for assignment

Note: This is not a full review but rather a quicker analysis to see if this publication is suitable enough for the assignment

Publication title:

INFORMATION SECURITY POLICY COMPLIANCE: AN EMPIRICAL STUDY OF RATIONALITY-BASED BELIEFS AND INFORMATION SECURITY AWARENESS

http://aisel.aisnet.org/cgi/viewcontent.cgi?article=2919&context=misq

Authors 

Burcu Bulgurcu  – Sauder School of Business University of British Columbia Vancouver, BC V6T 1Z2 CANADA – burcu.bulgurcu@sauder.ubc.ca

Hasan Cavusoglu – Sauder School of Business University of British Columbia Vancouver, BC V6T 1Z2 CANADA – hasan.cavusoglu@sauder.ubc.ca

Izak Benbasat Sauder – School of Business University of British Columbia Vancouver, BC V6T 1Z2 CANADA – izak.benbasat@sauder.ubc.ca

 

Researching UBC tells me that it’s a high ranking university and checking the emails shows me that they were in fact all registered there at some point. Further research of other field-related publications by each of the authors, and LinkedIn profiles of the authors lead me to believe they are credible to publish information relating to their field of knowledge.

From the abstract i got the following information very easily:

What is the research topic?

Employees in relation to information security and how policies, staff tendencies have an effect on information security.

What did the authors do?

They examined previous literature, research, then generated models & theories which they tested by doing their own research in the form of surveys.

What they discovered

Organizations should create appropriate training and security awareness programs that ensure employees’ information security awareness

Effects of attitude, normative beliefs, and self-efficacy to comply on a customer service employee’s intention to comply and possibly break policy are significant

ISA has a direct significant influence on attitude toward compliance and plays a major role in shaping outcome beliefs

Read the introduction to get the big picture of the area of research, note any words that you don’t understand and look them up. Try to identify from the introduction what ‘research question(s)’ was that the authors were hoping to answer.

There wasn’t any words in the introduction that most people would have to research.

It’s very clear what they’re going to be looking at at in the intro and these are the questions they specifically state:

(1) What are the broad classes of an employee’s beliefs about the overall assessment of consequences of compliance or noncompliance that influence attitude toward compliance and, in turn, intention to comply with the ISP?

(2) What are an employee’s beliefs about the outcomes of compliance and noncompliance that influence beliefs about the overall assessment of consequences?

(3) What is the role of information security awareness (ISA) in shaping an employee’s beliefs about outcomes and attitude toward compliance?

Read the conclusion. If this is well written it will be another summary of the paper (a bit like the abstract) but it will focus more on the results and what they seem to mean.

the conclusion is well written and draws from the findings of the research and survey results.