ICT615 Information Technology Research Methods
Topic 2
This session will introduce you to literature reviews. We will look at what they are, why they are needed and how they should be written. You will also have a session with the IT librarian to gain practical experience using the available resources to identify and obtain literature needed for a literature review.
Aims
After completing this topic you should be able to:
Tutorial Tasks
Sample exam questions
Literature Review on Article 1
Introduction
The Information Security Policy (ISP) compliance is an empirical research study that investigates the rationality-based factors driving an organisation's employees to protect organisations' technological and information resources. The outcome of the research study projects the ISP being impacted by the employees' self-efficacy, normative beliefs, and attitude (Bulgurcu et al. 2010). The research's basis is to understand the employees' compliance behaviour, which is a critical aspect of leveraging human capital.
Research questions and objectives
The research questions and objectives of the research study need to address the effective questions comprising of the following points:
Literature Review
The authors or researchers have compiled various studies on information security (IS), which did not commensurate with the employees' compliance with rationality-driven behaviour. The gap of research is identified where the foremost IS journals have underrepresented the IS security research. The strength of the research study is recognising the employees' behaviour, which may pose a threat to the organisations due to their mistakes, ignorance, or deliberation on jeopardising the information security based on their attitude.
The theoretical framework of the research
The theoretical framework of the research study included the theory of planned behaviour and rational choice theory to comprehend the attitude, perceived behaviour control and subjective norms of the employees' intentions to comply with the ISP compliance. The theoretical implication includes immediate antecedents of the employees' attitude towards the compliance of ISP.
Research methodology
The research methodology included the survey method to test the models. The questionnaires reflected the ISP awareness and general ISA of the respondents through online surveys. The instrument pretesting and refinement of the categories were undertaken by graduate students who had experience in ISP compliance. The card sorting exercise helped sort the predefined categories for the survey in the researchers' pilot study.
Discussion on the findings
The research study's findings broadly classified three beliefs related to compliance consequences comprising the cost of compliance, cost of non-compliance, and benefit of compliance. The findings also included practical implication, which suggested that motivational factors reinforce an employee's compliance behaviour other than rewards or sanctions (Sommestad et al., 2014). The data collected included the response of 464 employees. The researchers have revealed that rewards help impact the employees' attitude on the benefit of compliance. The rewards may not lead to believe in mandatory ISP requirements. However, they motivate the employees to comply and bring in pro-security behaviour towards the organisation's security of information.
Research Limitation and future implications
The bias identified through the reach study reveals the first limitation of selecting the organisations' ISP participants. The perception-based ISA used by the researchers in the current study may be viewed as a limitation. The sanctions reflect the organisation's penalties on the employees in non-compliance with the ISP (Li & Han, 2021). Hence, the future study may include the investigation on the severity, celerity, and certainty of sanctions that impact the employees' perception of the cost of non-compliance to ISP.
Literature Review on Article 2
Rationale of literature review for the researchers
The researchers undertake literature review which helps in giving an insight to the prior knowledge on the topic. The authors of similar research areas are acknowledged in the literature review. Also, the significant gap is highlighted in the literature which creates the foundation to research on the gaps in the current study. The concept of the entire thesis is highlighted through the literature review on a topic.