Understanding the perpetration of employee computer crime in the organisational context

Authors:
Robert Willison
Affiliations:
Copenhagen Business School, Howitzvej 60, DK-2000 Frederiksberg, Denmark
Venue:
Information and Organization
Year:
2006

Citing 12
Cited 4

Computer abuse and security: Update on an empirical pilot study

ACM SIGSAC Review
Discovering and disciplining computer abuse in organizations: a field study

MIS Quarterly
The mind's new science: a history of the cognitive revolution

The mind's new science: a history of the cognitive revolution
Security concerns of system users: a study of perceptions of the adequacy of security

Information and Management
The effect of codes of ethics and personal denial of responsibility on computer abuse judgements and intentions

MIS Quarterly
Fighting computer crime: a new framework for protecting information

Fighting computer crime: a new framework for protecting information
Coping with systems risk: security planning models for management decision making

MIS Quarterly
Ethics and computer security: cause and effect

CSC '88 Proceedings of the 1988 ACM sixteenth annual conference on Computer science
Developing ethical practices to minimize computer misuse

Social Science Computer Review - Special issue on ISTAS '97: computers and society at a time of sweeping change
Detering Highly Motivated Computer Abusers: A Field Experiment in Computer Security

IFIP/Sec '92 Proceedings of the IFIP TC11, Eigth International Conference on Information Security: IT Security: The Need for International Cooperation
Who are the computer criminals?

ACM SIGCAS Computers and Society
Case study: Computer crime at CEFORMA: a case study

International Journal of Information Management: The Journal for Information Professionals

Overcoming the insider: reducing employee computer crime through Situational Crime Prevention

Communications of the ACM - The Status of the P versus NP Problem
A calculus for the qualitative risk assessment of policy override authorization

Proceedings of the 3rd international conference on Security of information and networks
Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness

MIS Quarterly
Beyond deterrence: an expanded view of employee computer abuse

MIS Quarterly

Quantified Score

Hi-index	0.00

Visualization

Abstract

While hackers and viruses fuel the IS security concerns for organisations, the problems posed by employee computer crime should not be underestimated. Indeed, a number of IS security researchers have turned their attention to the 'insider' threat. Of this group, several focus on the offender, either in terms of a series of attributes required for perpetration, or with reference to forms of safeguards aimed at negating such behaviour. These studies are complemented by those texts which examine the organisational context in which rogue employees commit computer crime. Currently, however, there has been a lack of insight into the relationship between the offender and the context, during the commission process. To address this deficiency, two criminological theories are advanced. This paper illustrates how the theories, entitled the Rational Choice Perspective and Situational Crime Prevention, can be applied to the IS domain, thereby offering a theoretical basis by which to analyse the offender/context relationship during perpetration. By so doing, practitioners may use these insights to inform and enhance the selection of safeguards in a bid to improve prevention programmes. Furthermore, the importation of the Rational Choice Perspective and Situational Crime Prevention into the IS field opens up potentially new areas for future research.