Search results

The purpose of this study was to investigate the roles of employee experience and top management commitment in the relationship between human resource (HR) records management culture and HR records privacy control in organisations in Ghana.

Structural equation modelling was used in analysing the data. Following the specification of the model, three main types of analyses were carried out. They were reflective measurement model analyses to test reliability and validity; formative measurement model analyses to test redundancy, collinearity, significance and relevance of the lower-order constructs; and structural model analyses to ascertain the explanatory and predictive powers of the model, significance of the hypotheses and their effect sizes.

The study confirmed that communication, privacy awareness and training and risk assessment are dimensions of HR records management culture. Concerning the hypotheses, it was established that HR records management culture is related to HR records privacy control. Also, the study showed that employee experience positively moderated the relationship HR records management culture has with HR records privacy control. However, top management commitment negatively moderated the relationship HR records management culture has with HR records privacy control.

Organisations committed to the privacy control of HR records need to ensure the retention of their employees, as the longer they stay with the organisation, the more they embody the HR records management culture which improves the privacy control of HR records. For top management commitment, it should be restricted to providing strategic direction for HR records privacy control, as the day-to-day influence of top management commitment on the HR records management culture does not improve the privacy control of HR records.

This study demonstrates that communication, privacy awareness and training and risk assessment are dimensions of HR record management culture. Also, the extent of employee experience and top management commitment required in the relationship between HR records management culture and HR records privacy control is revealed.

This study aims to examine the relationship between tool adoption and information literacy within smallholder farmers (SHFs).

A structured questionnaire was used to gather data for this quantitative study from 225 SHFs. Structural equation modelling was done to test the hypotheses.

The findings established that tool adoption dimensions (Information and communication technologies (ICT) acceptance, language use and information culture) positively and significantly influenced information literacy. Information culture had the strongest impact.

The study enriches the situated learning theory (SLT) literature by introducing tool adoption as a predictor of information literacy in a new context of SHFs. Use of tools as independent variables is a positive deviation from previous studies that have used them as mediating variables. Despite the contributions, the cross-sectional design study undermines the ability to solicit more detailed perspectives from the lived in experience of the respondents.

Managers should promote usage of context-specific tools like local radio stations and mobile phones, but also use language tailored to farmer contexts when disseminating information. Policymakers should leverage on social and cultural settings when designing information interventions.

The study highlights critical factors that significantly promote information use for improved productivity for SHFs, cumulatively increasing the country’s gross domestic product (GDP). Socially, findings may reduce on their poverty levels of farmers.

This study offers a novel perspective in information literacy domain by using the SLT to delineate contextual tools that are paramount in predicting of information literacy in an under research informal context of SHFs.

Our purpose is to reconnect memetics to information, a persistent and unclear association. Information can contribute across a span of memetic research. Its obscurity restricts conversations about “information flow,” the connections between “form” and “content,” as well as many other topics. As information is involved in cultural activity, its clarification could focus memetic theories and applications.

Our design captures theoretical nuance in memetics by considering a long standing conceptual issue in memetics: information. A systematic review of memetics is provided by making use of the term information across literature. We additionally provide a citation analysis and close readings of what “information” means within the corpus.

Our initial corpus is narrowed to 128 pivotal memetic publications. From these publications, we provide a citation analysis of memetic studies. Theoretical directions of memetics in the informational context are outlined and developed. We outline two main discussion spaces, survey theoretical interests and describe where and when information is important to memetic discussion. We also find that there are continuities in goals which connect Dawkins’s meme with internet meme studies.

To our knowledge, this is the broadest, most inclusive review of memetics conducted, making use of a unique approach to studying information-oriented discourse across a corpus. In doing so, we provide information researchers areas in which they might contribute theoretical clarity in diverse memetic approaches. Additionally, we borrow the notion of “conceptual troublemakers” to contribute a corpus collection strategy which might be valuable for future literature reviews with conceptual difficulties arising from interdisciplinary study.

Effective information security management (ISM) contributes to building a healthy organizational digital ecology. However, few studies have built an analysis framework for critical influencing factors to discuss the combined influence mechanism of multiple factors on ISM performance (ISMP). This study aims to explore the critical success factors and understand how these factors contribute to ISMP.

This study used a mixed-method approach to achieve this study’s research goals. In Study 1, the authors conducted a qualitative analysis to take a series of International Organization for Standardization/International Electrotechnical Commission standard documents as the basis to refine the critical factors that may influence organizations’ ISMP. In Study 2, the authors built a research model based on the organizational control perspective and used the survey-based partial least squares-based structural equation modeling (PLS-SEM) approach to understand the relationships between these factors in promoting ISMP. In Study 3, the authors used the fuzzy set qualitative comparative analysis (fsQCA) method to empirically analyze the complex mechanisms of how the combinations of the factors affect ISMP.

The following three research findings are obtained. First, based on the text-based qualitative analysis, the authors refined the critical success factors that may increase ISMP, including information security policies (ISP), top management support (TMS), alignment (ALI), information security risk assessment (IRA), information security awareness (ISA) and information security culture (ISC). Second, the PLS-SEM testing results confirmed TMS is the antecedent variable motivating organization’s formation (ISP) and information control (ISC) approaches; these two types of organization control approaches increase IRA, ISA and ALI and then promote ISMP directly and indirectly. Third, the fsQCA testing results found two configurations that can achieve high ISMP and one driving path that leads to non-high ISMP.

This study extends knowledge by exploring configuration factors to improve or impede the performances of organizations’ ISM. To the best of the authors’ knowledge, this study is one of the first to explore the use of the fsQCA approach in information security studies, and the results not only revealed causal associations between single factors but also highlighted the critical role of configuration factors in developing organizational ISMP. This study calls attention to information security managers of an organization should highlight the combined effect between the factors and reasonably allocate organizational resources to achieve high ISMP.

Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information technology (IT)-centric solutions to secure and strengthen their information security ecosystem. Unfortunately, they pay little attention to human resource management (HRM) solutions. This paper aims to address this gap and proposes an actionable human resource (HR)-centric and artificial intelligence (AI)-driven framework.

The paper highlights the dangers posed by insider threats and presents key findings from a Leximancer-based analysis of a rapid literature review on the role, nature and contribution of HRM for information security, especially in addressing insider threats. The study also discusses the limitations of these solutions and proposes an HR-in-the-loop model, driven by AI and machine learning to mitigate these limitations.

The paper argues that AI promises to offer many HRM-centric opportunities to fortify the information security architecture if used strategically and intelligently. The HR-in-the-loop model can ensure that the human factors are considered when designing information security solutions. By combining AI and machine learning with human expertise, this model can provide an effective and comprehensive approach to addressing insider threats.

The paper fills the research gap on the critical role of HR in securing and strengthening information security. It makes further contribution in identifying the limitations of HRM solutions in info security and how AI and machine learning can be leveraged to address these limitations to some extent.

Despite the growing concern about security breaches and risks emerging from Shadow IT usage, a type of information security violation committed by organizational insiders, this phenomenon has received little scholarly attention. By integrating the dual-factor theory, unified theory of acceptance and use of technology (UTAUT) and social control theory, this research aims to examine facilitating and deterring factors of Shadow IT usage intention.

An online survey was performed to obtain data. As this study aims at investigating the behavior of organizational insiders, LinkedIn, an employment-oriented network site, was chosen as the main site to reach the potential respondents.

The results show that while performance expectancy, effort expectancy and subjective norms considerably impact intention to use Shadow IT, personal norms and sanctions-related factors exert no influence. Besides, an organizational factor of ethical work climate is found to significantly increase individual perceptions of informal controls and formal controls.

This work is the first attempt to extend the generalizability of the dual-factor theory and UTAUT model, which primarily has been utilized in the context of system usage, to the new context of information security. This study is also one of few studies that simultaneously take both organizational and individual factors into consideration and identify its impacts on user's behaviors in the information security context.

This paper presents a qualitative study of penetration testing, the practice of attacking information systems to find security vulnerabilities and fixing them. The purpose of this paper is to understand whether and to what extent penetration testing can reveal various socio-organisational factors of information security in organisations. In doing so, the paper innovates theory by using Routine Activity Theory together with phenomenology of information systems concepts.

The articulation of Routine Activity Theory and phenomenology emerged inductively from the data analysis. The data consists of 24 qualitative interviews conducted with penetration testers, analysed with thematic analysis.

The starting assumption is that penetration testers are akin to offenders in a crime situation, dealing with targets and the absence of capable guardians. A key finding is that penetration testers described their targets as an installed base, highlighting how vulnerabilities, which make a target suitable, often emerge from properties of the existing built digital environments. This includes systems that are forgotten or lack ongoing maintenance. Moreover, penetration testers highlighted that although the testing is often predicated on planned methodologies, often they resort to serendipitous practices such as improvisation.

This paper contributes to theory, showing how Routine Activity Theory and phenomenological concepts can work together in the study of socio-organisational factors of information security. This contribution stems from considering that much research on information security focuses on the internal actions of organisations. The study of penetration testing as a proxy of real attacks allows novel insights into socio-organisational factors of information security in organisations.

Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec policy has been highlighted for many decades, InfoSec breaches still occur due to a low level of employee compliance and a lack of engagement and competence in high-level management. However, previous studies have primarily investigated the behavioural aspects of InfoSec policy compliance at the individual level rather than the managerial factors involved in constructing InfoSec policy and developing its effectiveness. Thus, drawing on neo-institutional theory and a transformational leadership framework, this research investigated the influence of external mechanisms and transformational leadership on InfoSec policy effectiveness.

The research model was implemented using field survey data from professional managers in the financial sector.

The results reported that neo-institutional mechanisms and transformational leadership shape InfoSec policy effectiveness in an organisation.

This study broadens current InfoSec policy research from an individual level to a managerial perspective and enhances the existing literature on neo-institutional and transformational leadership in the context of InfoSec. It highlights the need to evaluate InfoSec policy based on external factors and to support transformational leadership styles that promote InfoSec policy enforcement and effectiveness.

The public sector (PS) has extensively utilized information technology (IT); however, research reveals that the failure rate remains high, particularly for national and sectoral IT (NaSIT) applications. To this end, numerous studies have been conducted to gauge the success of IT applications, where a significant number have demonstrated the importance of planning in this regard. Consequently, the current study aims to investigate the factors that influence the success of NaSIT planning and implementation within this sector.

A qualitative methodology and a systematic literature review encompassing papers indexed in seven databases until November 2022 were utilized.

The review of 92 selected papers revealed that the success of NaSIT planning and implementation is influenced by a number of factors divided into nine main categories. These include vision, goals and objectives; alignment; interoperability; infrastructure; involvement; equity and digital divide; privacy, security and trust; administration; and culture. Human, social, economic and organizational factors comprise the vast majority of these factors. By addressing these factors, the failure rate of IT plans can be reduced. Governments will be able to effectively employ this technology to accomplish their missions if these factors are considered in order to decrease the failure rate of IT plans.

By examining the factors that influence the success of NaSIT planning and implementation in the PS, this study attempts to provide a comprehensive view of various types of research. Furthermore, policymakers can employ this perspective to improve the efficiency and effectiveness of the PS.

The subject of this paper is the phenomenon of social media aesthetics, which can be perceived as a tool for promoting and building the image of libraries, especially in terms of merchandising. The aim of this paper is to analyse the potential of the dark academia social media trend in the promotion of academic libraries.

The article is based on a review of the social networking sites YouTube and Instagram and an analysis of network resources using the Brand24 tool.

Resources that are described by Internet users as “dark academia” are popular in social media. Dark academia as an aesthetic concept creates potential for the promotion of academic libraries, especially those that are more traditional in terms of their architecture, décor or how they offer their services.

The paper concerns a phenomenon which, although popular socially, has not yet been scientifically analysed in the literature on the subject. Since the topic is new and there is no scientific literature on it, the author had to base the paper on less standard sources of information (e.g. analysis of the content of social media). The article is a review, an introduction, as well as an invitation to further discussion. The author's aim is not to comprehensively cover this topic but only to draw attention to an interesting and rarely discussed issue that has great potential for practical activities.

The topic has great potential for the practical improvement of the promotional activities of libraries, especially older, more traditional libraries, to create a strong and positive image on the basis of characteristics often perceived as weaknesses.

Social media services are powerful social impact tools. Showing the potential role of social media aesthetics for cultural institutions could serve to make the public more aware of the role of the proper use of social media for promotion and image building.

The use of social media aesthetics is very rarely discussed in the subject literature.