Abstract

This research-in-progress study examines how accountability—the expectation that one will be required to answer for one’s actions, and justification—the requirement to give reasons for performing an action—can reduce instances of break-the-glass violations—can encourage compliance with data access policies. We examine whether justification can embolden users to break the glass in warranted situations, and deter users in inappropriate situations. We propose a series of lab experiments to test our hypotheses. We expect that our results will have implications for research on information security policy (ISP) compliance and practice.

Share

COinS