 Control mechanisms in information security: a principal agent perspectiveTejaswini Herath and H. Raghav Rao International Journal of Business Governance and Ethics, 2010, vol. 5, issue 1/2, 2-13 Abstract: End user security behaviours are an important part of enterprise-wide information security. Although organisations have been actively using security technologies and practices, it is known that information security cannot be achieved through technological tools alone. In order to find appropriate control mechanisms to encourage employee security behaviours in organisations, we look at this problem through a principal agent perspective. Since employee security behaviours cannot be continuously monitored and employees may have conflicting views regarding security policies (moral hazard problem), we believe that the principal agent paradigm can provide insight in developing effective controls. Keywords: principal agent theory; information security; employee security behaviour; employee monitoring; security policies; control mechanisms; business governance; business ethics; economic crime prevention. (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:ids:ijbget:v:5:y:2010:i:1/2:p:2-13 Access Statistics for this article More articles in International Journal of Business Governance and Ethics from Inderscience Enterprises Ltd |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.