Leadership power and employees' information security policy compliance

Springer Science and Business Media LLC - Volume 32 - Pages 391-409 - 2019
Hyungjin Lukas Kim (1), HanByeol Stella Choi (2), Jinyoung Han (3)
(1) Institute of Bigdata Convergency Business, Korea University, Seoul, South Korea
(2) KAIST College of Business, Seoul, South Korea
(3) College of ICT Engineering, Chung-Ang University, Seoul, South Korea

Abstract

Reliance on mobile and external networks makes enterprises vulnerable to information leakage by their employees, which raises the importance of information security. Companies therefore need to run security education, training and awareness (SETA) programs to ensure that employees comply with information security policies (ISPs). The effect of leadership power on the effectiveness of such programs has not been studied empirically. This study empirically analyzes the moderating role of leaders' power bases in the relationship between SETA programs and employees' ISP compliance intention, using WarpPLS 5.0. The moderating effects differ by type of leader power base: expert, reward and legitimate power have a positive effect on this relationship. The findings have theoretical and practical implications for implementing SETA programs and for creating an organizational environment in the context of information security.

Keywords

#information security; SETA program; policy compliance; leadership power; employee intention
