The moderating effect of abusive supervision on information security policy compliance: Evidence from the hospitality industry
Document Type
Journal Article
Publication Title
Computers & Security
Volume
111
Publisher
Elsevier
School
School of Business and Law
RAS ID
36909
Funders
National Natural Science Foundation of China Ministry of Education of the People's Republic of China
Abstract
Organizations have recognized the importance of information security and have developed information security policies for their employees. Deterrence is often used to enhance employees’ compliance intention. However, the literature reports mixed results for the effects of deterrence, and we argue that those conflicting findings can be due to different managerial contexts across organizations. To understand how managerial factors influence the effects of deterrence, our study focused on abusive supervision and examined how abusive supervision moderated the relationship between deterrence perception and employee’ intention to comply with information security policies. Two rounds of surveys were conducted to collect data from Chinese hotel employees. The results show that abusive supervision could not enhance the effect of perceived severity and certainty of deterrence, when compliance intention from the second-round survey was used for hypotheses testing. Our study contributes to the literature by taking the first step toward explaining the inconsistent results in the literature on deterrence. Our study also provides important strategic guidelines informing managers that abusive supervision should not be used to enhance employees’ compliance with information security policies.
DOI
10.1016/j.cose.2021.102455
Access Rights
subscription content
Comments
Xu, J., Wang, X., & Yan, L. (2021). The moderating effect of abusive supervision on information security policy compliance: Evidence from the hospitality industry. Computers & Security, 111, article 102455. https://doi.org/10.1016/j.cose.2021.102455