Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Role of information security policy
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Role of information security policy
Computer misuse is a ubiquitous behaviour in many organizations. It has a serious influence on system security which should be considered by every organization. Inappropriate use of computer in workplace is increasing every year and this deviant behaviour has a negative influence on both organizations and employees (Bock, Park & Zhang, 2010). D’Arcy, Hovav and Galletta (2009) mention that 50%-75% security issues have been found from the inside of an enterprise, and a majority of internal threats are relating to individual’s unsafe operation on computer. Therefore, it is necessary for organizations to optimize system security by implementing a rational measure to moderate individual’s unsafe behaviour on computer in workplace. Employees, who play a key role in security protection, need to be helped increase compliance on information security policy. This essay will discuss which is a more effective approach, reward (encouraging employees comply with security policy and normatively use computer in workplace) or punishment (preventing misuse and insecure operation), though analysing the impact of each mechanism and employees’ reaction to draw a conclusion that punishment is a more effective way than reward to moderate employees’ misuse and unsafe behaviour regarding computer use at work.
Admittedly, reward should be a more acceptable policy than punishment for employees. Employees would keep performing well in their work after being rewarded (Patel & Conklin, 2012). According to Gardner and Quigleym (2010), employees, who have been rewarded in their job, will be aroused to have a higher compliance on the purpose of their work. Appropriate reward is directly relating to employees’ working satisfaction. They will be more satisfied an...
... middle of paper ...
...rganisations. European Journal of Information Systems, 18,106–125
Liao, Q., Luo, X., Gurung, A., & Li, L. (2009). Workplace management and employee misuse: Does punishment matter? The Journal of Computer Information Systems, 50(20), 49-59
Myyry, L., Siponen, M., Pahnila, S., Vartiainen, T., & Vance, A. (2009). What levels of moral reasoning and values explain adherence to information security rules? An empirical study. European Journal of Information Systems, 18, 126-139
Patel, P., & Conklin, B. (2012). Perceived labor productivity in small firms—the effects of high-performance work systems and group culture through employee retention. Theory and Practice, 36(2), 205-235
Spitzmuller, C., & Stanton, J.M. (2006). Examining employee compliance with organizational surveillance and monitoring. Journal of Occupational and Organizational Psychology, 79, 245–272
The topic for week 3 of Computer Ethics was based upon an IT security policy in relation to a company’s ethics. The discussion board began with how training as well as education needs to be implemented throughout the business to ensure confidential information is not sent out without encryption or following other procedures put in place. This not only maintains the integrity of the company, but also makes the employees accountable as well. This can be accomplished by a well defined security policy and procedures which outlines the plan of action and the implementation. Many agreed a well documented plan needs to be kept updated as well as conveyed to the rest of the staff so everyone knows what their role is. In addition, Dawan pointed out that a security policy is a “living document” which is one that is forever changing to try and keep up with hackers. Many also agreed it is imperative everyone in the organization needs to be trained on the security policies at an organization.
For many years, there has been an ongoing fight between employers and employees pertaining to employee rights. The main thing that they have fought about is computer and email monitoring.
An employer also should restrict an employee’s access to the internet or access to certain web sites, or prohibit the use of personal work computers. As a result, there is no right to claim privacy against your employer for monitoring or restricting your use of the internet. Having an internal regulation could avoid the personal use of a computer in the workplace, the employers are the owners of the computers, and they are also the owners of the data transmitted to and from the computers, regardless of the source. Another reason that justifies the employer's ability to control the use of the computer in the workplace is the security of their internal systems. Computer systems can be vulnerable to viruses and other types of technological problems if employees are downloading information and Internet programs, or other potentially harmful materials. Security can also be a problem in that employees can violate the company's confidentiality rules. By monitoring the use of the personal Internet, employers can prevent employees from being the means of disseminating confidential information about the company to the
In this particular case, the firm collects a wide variety of information on its employees. For current employees, the focus is through workplace cameras, monitoring internet traffic through workplace computers, GPS tracking on employer vehicles. Prospective employees are analyzed by pre-employment personality tests and background checks. There are certain guidelines as far as what information can be collected and used against an employer. Focusing more on employer monitoring at the workplace would give a better insight on what can and cannot take place. Further, we will look into the risk that employers c...
Rewards can have a positive influence on work motivation and performance. They contribute to fundamental human needs such as esteem or self-actualization, create a basis for communication amongst co-workers, and push employees to complete work related tasks. Rewards such as recognition, monetary payments, and privileges have many advantages and uses but also have some drawbacks. An example of a drawback of rewards is when the rewards reduces intrinsic motivation, this relates to the overjustification effect.
"A simple thing such as giving a employee a little reward for outstanding performance for a month or a year could help motivate other employees to want to do better so that they could have the chance to be recognized for their outstanding work.
Employee Monitoring: Is There Privacy in the Workplace? . (6/3/2004)
Sometimes there is no middle ground. Monitoring of employees at the workplace, either you side with the employees or you believe management owns the network and should call the shots. The purpose of this paper is to tackle whether monitoring an employee is an invasion of privacy. How new technology has made monitoring of employees by employers possible. The unfairness of computerized monitoring software used to watch employees. The employers desire to ensure that the times they are paying for to be spent in their service is indeed being spent that way. Why not to monitor employees, as well as tips on balancing privacy rights of employees at the job.
Workplace deviance is a voluntary unethical behavior that disobeys organizational norms about wrong and right, and in doing so, threatens the wellbeing of the organization, and/or its members(Robinson and Bennett 555-572). According to Robinson and Bennett, “workplace deviances behavior varies along two dimensions: minor versus serious, and interpersonal (deviant behavior directed at other individuals in the organization) versus organizational (deviant behavior directed at the organization)” (555-572). Based on these dimensions it was further divided, into four categories: production deviance (leaving early, wasting resources etc.), property deviance (stealing ,destroying equipment etc.), political deviance (gossiping, favoritism etc.), and personal aggression (verbal abuse ,sexual harassment etc.) (Robinson and Bennett 555-572).According to Robinson and Bennett,workplace deviant behaviors cost U.S. companies approximately between $6 billion and $200 billion annually(555-572). In addition turnover, absences, and illness, and results in poor or lowered productivity, low morale, and litigation ., workplace deviances leads to misuse and loss of time, waste of resources, increases employee(Robinson and Bennett 555-572) .
Reward Management (RM) has been defined as the distribution of monetary and non-monetary rewards to employees in an effort to align the interests of the employees, the organisation, and its shareholders (O’Neil, 1998). In addition O’Neil (1998) also suggests that a RM system can serve the purpose of attracting prospective job applicants, retaining valuable employees, motivating employees, ensuring legal requirements relating to direct and indirect rewards are not violated, assisting the company in achieving human resource and business objectives, and ultimately assisting the organisation in obtaining a competitive advantage.
Employees perform productive behaviors by engaging in behavior that contributes positively to organizational goals and objectives (Britt & Jex, 2008, para 2). Organizations intend for employees to adapt to behaviors that will positively increase the functioning of the agency. This is done through proper training and efficient skills to complete significant roles. Positive long-term effects result from productive employee behaviors. Employees who contribute to the organization help ease financial burdens and strengthen job performances. The goal for most organizations is to have numerous employees perform duties that require little or no excess supervision. New employees train to self-sustain in an organization through strong leadership and staff recognition. The act of being productive relates with performance and a person’s effectiveness on-the-job. Workers achieving a great deal in a short amount of time are known as efficient workers. ...
Policies affect employee privacy by lowering employees' expectations of privacy in the workplace because he or she cannot expected privacy if an employee conducts the activity in a manner open to other employees. If an employee's reasonable expectations are similar to the privacy of personal mail delivered from the post office, he or she may believe the computer are just as private as the documents that he or she stored in the personal workplace's desk or filing cabinet. This reasoning of employee's reasonable expectations violates the employee's privacy. Yet, the employer stands may be that it has a justifiable interest in the oversight of business related employees communications, and in the cost of the used of the computer system. Only through consideration will these two interests will allow the right determination to be determine.
Research bears that rewards increase motivation, but they are sustained when both intrinsic and external needs are being fulfilled. Intrinsic rewards are motivated by factors such as pride, self- actualization and ownership fueling a drive to grow and develop and conversely extrinsic rewards include pay raises, promotions, punishment, criticism or withholding pay. When organizations intentionally reward desired behaviors, they are virtually guaranteeing that the employees will fulfill and meet organizational goals that are aligned with the organization’s mission and vision. Studies have shown that intrinsic rewards motivate and increase job satisfaction in upper management positions and extrinsic rewards appeal more to individuals in low level positions. Research also supports that reward programs increases job commitment and contributes towards reducing turnover. In order for both intrinsic and extrinsic rewards to be affected, they will need to be reviewed frequently throughout the employee’s tenure with the organization for
the risk of security incidents and breaches is reduced by encouraging employees to think and act in more security conscious ways;
For every technological introduction or advancement, there are consequences which come with it. This excludes not those that come with introduction of management information systems in companies. The modern society is entirely depended on information systems. Failure of these systems, today, can be declared as end of humanity. Worse enough is that there is a generational shift whereby future generations will not live without information systems that manage information. However, latest evaluations of the impact of management information systems have proven that there are chances, which are very high, of ethics being abused at the work place. Both the employees and the employers, are guarded by certain cord of ethics which aim at regulating the dignity of everybody at working place; and how far one party can be influential on the other especially on matters pertaining privacy. Profit making goals should not, by any means, overlook the importance of working ethics. This paper endeavors to explore areas of major concern where working ethics are likely to be compromised or have already been compromised at the working place due to institution of management information systems. Nevertheless, this research does not underscore the importance of these systems at the working place. The aim is to expose the negative impacts that might result from misuse of management information systems. These impacts can emanate from either party that forms part of the organization. In this case, mostly, it is either from the employee or the employer.