An activity theory approach to information security non-compliance

Rima Khatib; Henri Barki

doi:10.1108/ics-11-2018-0128

What is it about?

The purpose of the present paper is to introduce Activity Theory (AT) as a new theoretical lens to the field of information security non-compliance by explaining how research in that field can benefit from AT. Based on AT, it is suggested that employees, IT systems, task characteristics, information security policies (ISPs), community, and division of labor can be viewed to form an ensemble labeled activity. Their characteristics and/or the relationships that exist between them in organizational contexts are hypothesized to influence non-compliance behaviors. The paper argues that AT provides a broad lens that can be useful for explaining a large variety of non-compliant behaviors related to information security and suggests eight propositions for future research.

This page is a summary of: An activity theory approach to information security non-compliance, Information and Computer Security, March 2020, Emerald,
DOI: 10.1108/ics-11-2018-0128.
You can read the full text:

Read

Contributors

Be the first to contribute to this page

An activity theory approach to information security non-compliance

What is it about?

Contributors

Discover more

Medical Research

Life Sciences

Physical Sciences

Technology and Engineering

Environmental Research

Arts and Humanities

Social Sciences

Business and Management

An activity theory approach to information security non-compliance

What is it about?

Featured Image

Read the Original

Contributors

Share this page:

Discover more

Medical Research

Life Sciences

Physical Sciences

Technology and Engineering

Environmental Research

Arts and Humanities

Social Sciences

Business and Management