ICT615 Literature Review On Provided Articles Homework 2 Answer

Answer :

Literature Review on Article 1

Introduction

The Information Security Policy (ISP) compliance is an empirical research study that investigates the rationality-based factors driving an organisation's employees to protect organisations' technological and information resources. The outcome of the research study projects the ISP being impacted by the employees' self-efficacy, normative beliefs, and attitude (Bulgurcu et al. 2010). The research's basis is to understand the employees' compliance behaviour, which is a critical aspect of leveraging human capital. 

Research questions and objectives

The research questions and objectives of the research study need to address the effective questions comprising of the following points: 

• To investigate the wide range of employee's beliefs on the whole assessment of compliance or non-compliance consequences that impact the attitude to ISP.
• To understand the beliefs on the outcomes of compliance and non-compliance on ISP.
• To gain insight into the role of Information Security Awareness (ISA) in creating an impact on the employees' beliefs on the compliance outcomes. 

Literature Review

The authors or researchers have compiled various studies on information security (IS), which did not commensurate with the employees' compliance with rationality-driven behaviour. The gap of research is identified where the foremost IS journals have underrepresented the IS security research. The strength of the research study is recognising the employees' behaviour, which may pose a threat to the organisations due to their mistakes, ignorance, or deliberation on jeopardising the information security based on their attitude. 

The theoretical framework of the research

The theoretical framework of the research study included the theory of planned behaviour and rational choice theory to comprehend the attitude, perceived behaviour control and subjective norms of the employees' intentions to comply with the ISP compliance. The theoretical implication includes immediate antecedents of the employees' attitude towards the compliance of ISP. 

Research methodology

The research methodology included the survey method to test the models. The questionnaires reflected the ISP awareness and general ISA of the respondents through online surveys. The instrument pretesting and refinement of the categories were undertaken by graduate students who had experience in ISP compliance. The card sorting exercise helped sort the predefined categories for the survey in the researchers' pilot study. 

Discussion on the findings

The research study's findings broadly classified three beliefs related to compliance consequences comprising the cost of compliance, cost of non-compliance, and benefit of compliance. The findings also included practical implication, which suggested that motivational factors reinforce an employee's compliance behaviour other than rewards or sanctions (Sommestad et al., 2014). The data collected included the response of 464 employees. The researchers have revealed that rewards help impact the employees' attitude on the benefit of compliance. The rewards may not lead to believe in mandatory ISP requirements. However, they motivate the employees to comply and bring in pro-security behaviour towards the organisation's security of information. 

Research Limitation and future implications

The bias identified through the reach study reveals the first limitation of selecting the organisations' ISP participants. The perception-based ISA used by the researchers in the current study may be viewed as a limitation. The sanctions reflect the organisation's penalties on the employees in non-compliance with the ISP (Li & Han, 2021). Hence, the future study may include the investigation on the severity, celerity, and certainty of sanctions that impact the employees' perception of the cost of non-compliance to ISP. 

Literature Review on Article 2

1. The current research paper discusses previous literature on the topic Bring Your Own Device (BYOD). The topic has been previously covered under the subject of IT consumerisation (Weeger et al., 2016). The term hints at adopting consumer applications, devices, and tools in the workplace invested by the employees. The previous literature highlighted the merits and demerits of IT consumerisation that contributed to employee performance while increasing their satisfaction level. 
2. The literature used in the current research study is reflected through the different contents taken from books, journal articles, and website pages. The sources are peer-reviewed which seems safe to be used for academic learning purposes. 
3. The literature review appears in one section with the sub-headings as IT consumerisation and BYOD. The content has been discussed in other sections, but the main topic is reflected in the main review literature. 
4. Yes, the literature review justifies the project. The literature review is well-structured with the sub-headings that discusses the topic of Bring Your Own Devices (BYOD) and IT consumerisation by thoroughly describing the trends (Doargajudhur & Dell, 2019). The background of the topic is projected through the introduction and abstract. The entire topic is well constructed with research methodology, research models, data analysis and discussion on findings, limitations and opportunities for further study on the project.

Rationale of literature review for the researchers 

The researchers undertake literature review which helps in giving an insight to the prior knowledge on the topic. The authors of similar research areas are acknowledged in the literature review. Also, the significant gap is highlighted in the literature which creates the foundation to research on the gaps in the current study. The concept of the entire thesis is highlighted through the literature review on a topic.