This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

Operations Security :Critical analysis and evaluation of a given article

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

Operations Security :Critical analysis and evaluation of a given article

Introduction

In an organization, policies associated with information security must be adhered by the employees of the firm. Compliance with security procedures can be ensured within the organization only when effective measures are taken. Both theoretical and practical approaches must be considered while ensuring compliance. Hence, the chosen article related to the topic shall be critically analyzed. The author’s work shall be evaluated, and the opinions of the author shall be considered (Wodak & Meyer, 2015). The main points shall be summarized, and own opinion regarding the views of the author shall be formulated as well.

Critical Analysis

The author in this paper introduced the malpractice of employees and their careless attitude towards policies related to information security. The paper uses previous models such as PMT or Protection Motivation Theory and integrated it with General Deterrence Theory or GDT as well as the TRA or Theory of Reasoned Action. According to the author, in 90% of cases, organizations are required to come across an incident related to information security. It is vital to note that when employees do not comply with the organizational policies, they put the organization under threat (Siponen, Mahmood & Pahnila, 2014). It is concerning for any organization to face issues related to its business operations and assets.

Don't use plagiarised sources.Get your custom essay just from $11/page

Further analysis suggests that it is possible to make employees comply with policies, and the overall situation of the organization can be improved as well. The study is critical because it has generated a new model from the previously existing ones. GDT, TRA and PMT have been combined. The authors have also validated the results by using a practical study. Practitioners and researchers in this field can utilize the study findings. They will gain access to empirical data and apply the results for benefitting the situation of an organization. The paper has been organized well and therefore; it is easier to understand the opinions of the author. For instance, the study highlights previous research conducted on compliance issues of security policies. It has been suggested in previous studies that training programs, along with awareness programs, can improve the situation. Previous studies also state that it is possible to practically enhance the behavior of employees by monitoring their behavior, suggesting the implications of violation and involving managers and consultants to keep track of employee behavior. Hence, it is clear that awareness and urgency will be created in the minds of the employees, and they will comply with security policies.

The next part of the article highlights that specific theoretical models can be applied; however, this study lacks empirical data. It is focused on the classical deterrence theory and the rational choice model as well. However, these models created a gap and did not explain the practical implications. The RCM model only highlights the reasons behind workers violating the policies and the GDT model has been used to investigate the fact of whether computer abuse can be reduced by investing in information security measures. Hence, these models lack empirical data and based on theoretical assumptions. The present study has successfully bridged the gap between theory and field-based data.

The author has combined GDT, PMT and the TRA model. The first hypothesis is threat appraisal is not suitable for employees, and they might not comply with the policies. Again, the authors hypothesized that rather than threat appraisal, self-efficacy and response efficacy could impact the intention of the employees. The authors prove that intention is the real game-changer as it is the willingness of employees that can motivate them to act in a certain way. It is true that appraisal and awareness of the implications of action can encourage employees to comply with security policies. The employees must understand the seriousness and relevance of the matter. It is possible to motivate employees using verbal persuasion and increasing education. The article clearly outlines that security personnel must be aware of security threats related to IS.

Conclusion

It can be concluded that the authors have made a significant impact by combining theory and practice. It is challenging to find flaws in the study because they have proved their hypothesis with empirical studies. The structuring and formatting of the paper are clear for understanding, and the article will be useful for practitioners to understand the social behavior of employees.

 

 

References

Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & management51(2), 217-224.

Wodak, R., & Meyer, M. (Eds.). (2015). Methods of critical discourse studies. Sage.

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask