摘要
In the context of goal setting, the more difficult the goal, given feedback on performance, the more focused is individuals’ attention and persistence to accomplish the goal and in turn, their performance is also improved. Similarly, when the goal is multi-complex and performance time constraint, the deployment of specific strategies maybe the best approach developed. In effect of the above, this investigation takes a socio-psychological and organizational perspective in setting information systems (IS) security goals. In doing so, three important issues of goal setting are identified, these are: trust, culture and risk communication. Since system security breaches are still on the rise, the performance of managing such online risks is not the one expected. The framework suggested in this paper aims to contribute to socio-psychological and organizational values by enhancing the performance of the IS risk management process with a focus on security risks.
In the context of goal setting, the more difficult the goal, given feedback on performance, the more focused is individuals’ attention and persistence to accomplish the goal and in turn, their performance is also improved. Similarly, when the goal is multi-complex and performance time constraint, the deployment of specific strategies maybe the best approach developed. In effect of the above, this investigation takes a socio-psychological and organizational perspective in setting information systems (IS) security goals. In doing so, three important issues of goal setting are identified, these are: trust, culture and risk communication. Since system security breaches are still on the rise, the performance of managing such online risks is not the one expected. The framework suggested in this paper aims to contribute to socio-psychological and organizational values by enhancing the performance of the IS risk management process with a focus on security risks.
