Abstract
In the technology-people-management chain, people are predominantly identified as the weakest link in properly securing information systems. Previous information security studies pursued an understanding of information security behaviour by investigating internal and external factors influencing such behaviour. With some information security studies placing great significance on the role of the situation, an external factor, when investigating human behaviour. Psychological Situationism research emphasises that behaviour is shaped mainly by the exigencies of a particular situation. An examination of information security literature indicated that the exigencies of computer system failure situations had not been explored as an external factor in influencing information security behaviour. Computer system failure situations are perceived by employees as crises that interrupt or prevent them from performing their everyday tasks. Irrespective of the technological failure, employees still need to get the job done. Because the situation and its exigencies are influential in determining and shaping behaviour, it has the potential to negatively influence employee information security behaviour. Insecure employee behaviour could cause negative outcomes for organisations, such as financial loss and damage to reputation. ..
Ph.D. (Applied Information Systems)