This paper aims to improve understanding of individuals' awareness and perceptions of computer usage policies (CUPs) and why individuals elect not to read these policies.
MBA students were asked to complete an online survey evaluating their behavioral intention to read CUPs, as well as their performance of this behavior. Factors contributing to the intention to read policies were also examined. The resulting data were analyzed with Smart PLS.
Results suggest that three factors influence individual intention to read CUPs. These factors include attitude, apathy, and social trust. The model explained about 70 percent of individual intention to read CUPs and about 44 percent of the variability in actually reading these policies.
The sample is limited to MBA students from a single university.
Although written policy statements are often considered the cornerstone of computer security, many individuals elect not to read these policies. Thus, other methods of communication must be used.
This paper examines the reasons individuals elect not to read CUPs. Given the importance of these policies as deterrents to information systems misuse and computer crime, understanding why individuals fail to read policies is a critical first step in enhancing user knowledge of computer security.
Bryan Foltz, C., Schwager, P.H. and Anderson, J.E. (2008), "Why users (fail to) read computer usage policies", Industrial Management & Data Systems, Vol. 108 No. 6, pp. 701-712. https://doi.org/10.1108/02635570810883969
Emerald Group Publishing Limited
Copyright © 2008, Emerald Group Publishing Limited