References
- Anderson, J. and Gerbing, D., “Some methods for respecifying measurement models to obtain unidimensional construct measurement,” Journal of Marketing Research (19:4), 1982, 453–460.
- Bentler, P.M., “On the fit of models to covariances and methodology to the bulletin,” Psychological Bulletin (112:3), 1992, 400–404.
- Bentler, P.M. and Bonnett, D.G., “Significance tests and goodness of fit in the analysis of covariance structures. Psychological Bulletin (88:3), 1980, 588–606.
- Browne, M.W. and Cudeck, R., “Alternative ways of assessing model fit,” Testing Structural Equation Models, Bollen, K.A. and Long, J.S., Eds, Newbury Park, CA: Sage, 1993, 445–455.
- Bulgurcu, B., Cavusoglu, H. and Benbasat, I., “Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness,” MIS Quarterly (34:3), 2010, 523–548.
- Chen, Y., Ramamurthy, K. and Wen, K-W, “Organization's information security policy compliance: Stick or carrot approach?” Journal of Management Information Systems (29:3), 2013, 163–195.
- Da Veiga, A. and Eloff, J.H.P., “A framework and assessment instrument for information security culture,” Computers & Security (29:2), 2010, 196–207.
- D'Arcy, J. and Herath, T., “A review and analysis of deterrence theory in the IS security literature: Making sense of the disparate findings,” European Journal of Information Systems, (20:6), 2011, 643–658.
- D'Arcy, J., Hovav, A. and Galletta, D., “User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach,” Information Systems Research (20:1), 2009, 79–98.
- Fornell, C. and Larcker, D.F., “Evaluating structural equation models with unobservable variables and measurement error,” Journal of Marketing Research (18:1), 1981, 39–50.
- Greene, G., and D'Arcy, J, “Assessing the impact of security culture and the employee-organization relationship on IS security compliance,” Fifth Annual Symposium on Information Assurance, Albany, NY, June 16-17, 2010.
- Herath, T. and Rao, H.R., “Protection motivation and deterrence: A framework for security policy compliance in organizations,” European Journal of Information Systems (18:2), 2009, 106–125.
- Knapp, K.J., Marshall, T.E., Rainer, R.K. and Ford, F.N., “Information security: Management's effect on culture and policy,” Information Management & Computer Security (14:1), 2006, 24–36.
- Lee, S.M., Lee, S-G, and Yoo, S., “An integrative model of computer abuse based on social control and general deterrence theories,” Information and Management (41:6), 2004, 707–718.
- Mackinnon, D.P., Johnson, C.A., Pentz, M.A., Dwyer, J.H., Hansen, W.B., Flay, B.R. and Wang, E.Y., “Mediating mechanisms in a school-based drug prevention program: First-year effects of the midwestern prevention project,” Health Psychology (10:3), 1991, 164–72.
- McKnight, D.H., Choudhury, V. and Kacmar, C., “Developing and validating trust measures for e-commerce: An integrative typology,” Information Systems Research (13:3), 2002, 334–359.
- Muthén, B.O. and Muthén, L., The Comprehensive Modeling Program for Applied Researchers User Guide, Muthén & Muthén, Los Angeles, CA, 2003.
- Nunnally, J., Psychometric Theory. McGraw-Hill, New York, 1978.
- Palanisamy, R., “Organizational Culture and Knowledge Management in ERP Implementation: An Empirical Study,” Journal of Computer Information Systems, (48:2), 2007, 100–120.
- Schein, E.H., The Corporate Culture Survival Guide, San Francisco, Jossey-Bass, 1999
- Schlienger, T. and Teufel, S., “Analyzing information security culture: Increased trust by an appropriate information security culture,” 14th International Workshop on Database and Expert Systems Applications (DEXA'03), Prague, Czech Republic, 2003.
- Segars, A.H., “Assessing the unidimensionality of measurement: A paradigm and illustration within the context of information systems research,” Omega (25:1), 1997, 107–21.
- Shropshire, J., Warkentin, M., and Johnston, A., “Impact of Negative Message Framing On Security Adoption.” Journal of Computer Information Systems, (51:1), 2010, 41–51.
- Siponen, M. and Vance, A., “Neutralization: New insights into the problem of employee systems security policy violations,” MIS Quarterly (34:3), 2010, 487–502.
- Srite, M. and Karahanna, E., “The Role of Espoused National Cultural Values in Technology Acceptance,” MIS Quarterly, (30:3), 2006, 679–704
- Straub, D., Boudreau, M-C and Gefen, D., “Validation guidelines for is positivist research,” Communications of the AIS (13), 2004, 380–426.
- Straub, D.W. and Welke, R.J., “Coping with systems risk: Security planning models for management decision making,” MIS Quarterly (22:4), 1998, 441–469.
- Thomson, K-L.N., Von Solms, R. and Louw, L., “Cultivating an organizational information security culture,” Computer Fraud & Security, (2006:10), 2006, 7–11.
- Van Den Steen, E.J., “Culture clash: The costs and benefits of homogeneity,” Management Science (56:10), 2010, 1718–1738.
- Van Niekerk, J.F. and Von Solms, R., “Information security culture: A management perspective,” Computers & Security (29:4), 2010, 476–486.
- Whitman, M.E. “Enemy at the gate: Threats to information security,” Communications of the ACM (46:8), 2003, 91–95.
- Wilson, M. and Hash, J., Building an Information Technology Security Awareness and Training Program. NIST Special Publication 800-50, National Institute of Standards and Technology, U.S. Department of Commerce, 2003.