Identifying HRM Practices for Improving Information Security Performance

This article focuses on identifying key human resource management (HRM) practices necessary for improving information security performance from the perspective of IT professionals. The Importance-Performance Map Analysis (IPMA) via SmartPLS 3.0 was employed and 232 samples were collected from information technology (IT) professionals in 43 organizations. The analysis identified information security training, background checks and monitoring as very important HRM practices that could improve the performance of organizational information security. In particular, the study found training on mobile devices security and malware; background checks and monitoring of potential, current and former employees as of high importance but with low performance. Thus, these key areas need to be improved with top priority. Conversely, the study found accountability and employee relations as being overly emphasized by the organisations. The findings raised some useful implications and information for HR and IT leaders to consider in future information security strategy.

The Role of Human Resource Management in Enhancing Organizational Information Systems Security

Emerging human resource management (HRM) practices are focusing on background checks, training and development, employer-employee relations, responsibility and accountability, and monitoring of information systems security resources. Information systems security ensures that appropriate resources and adequate skills exist in the organization to effectively manage information security projects. This chapter examined the role of HRM in enhancing organizational information systems security. Using importance-performance map analysis, the study found training, background checks, and monitoring as crucial HRM practices that could enhance organizational information systems security. Moreover, four indicators, consisting of training on mobile devices security; malware management; background checks; and monitoring of potential, current, and former employees recorded high importance but with rather low performance. Consequently, these indicators should be improved. On the contrary, the organizations placed excessive focus on responsibility, accountability, and employee relations.

Identifying HRM Practices for Improving Information Security Performance

This article focuses on identifying key human resource management (HRM) practices necessary for improving information security performance from the perspective of IT professionals. The Importance-Performance Map Analysis (IPMA) via SmartPLS 3.0 was employed and 232 samples were collected from information technology (IT) professionals in 43 organizations. The analysis identified information security training, background checks and monitoring as very important HRM practices that could improve the performance of organizational information security. In particular, the study found training on mobile devices security and malware; background checks and monitoring of potential, current and former employees as of high importance but with low performance. Thus, these key areas need to be improved with top priority. Conversely, the study found accountability and employee relations as being overly emphasized by the organisations. The findings raised some useful implications and information for HR and IT leaders to consider in future information security strategy.

The Role of Human Resource Management in Enhancing Organizational Information Systems Security

Emerging human resource management (HRM) practices are focusing on background checks, training and development, employer-employee relations, responsibility and accountability, and monitoring of information systems security resources. Information systems security ensures that appropriate resources and adequate skills exist in the organization to effectively manage information security projects. This chapter examined the role of HRM in enhancing organizational information systems security. Using importance-performance map analysis, the study found training, background checks, and monitoring as crucial HRM practices that could enhance organizational information systems security. Moreover, four indicators, consisting of training on mobile devices security; malware management; background checks; and monitoring of potential, current, and former employees recorded high importance but with rather low performance. Consequently, these indicators should be improved. On the contrary, the organizations placed excessive focus on responsibility, accountability, and employee relations.

Before and After Ban the Box: Who Complies with Anti-Discrimination Law?

Ban the Box (BTB) laws are an anti-discrimination policy intended to promote employment for persons with criminal records. However, research on law and organizations shows that firms often fail to comply with legal directives or engage in symbolic compliance that fails to alter day-to-day business practices. We consider whether BTB contributed to attitudinal or behavioral shifts among hiring managers and changes in job applications. We analyze a unique set of in-depth interviews (N = 30) and entry-level job applications (N = 305) collected from the same workplaces in 2008 and 2016, assessing the impact of state BTB legislation. We find: (1) that one in five organizations were noncompliant, with noncompliance twice as likely among employers who discriminated against applicants with criminal records pre-BTB and that widespread lack of knowledge and lack of enforcement of BTB appears to affect noncompliance; (2) organizations maintained considerable continuity in hiring practices and attitudes between 2008 and 2016, regardless of personnel changes and statewide implementation of BTB; and (3) post-BTB, strong warnings about criminal background checks at later stages of the hiring process emerged as an alternative source of gatekeeping. These findings contribute to the law and organizations literature by highlighting the importance of enforcement and limits of law for combating discrimination.