{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T13:01:04Z","timestamp":1773147664403,"version":"3.50.1"},"reference-count":41,"publisher":"Emerald","issue":"2","license":[{"start":{"date-parts":[[2006,4,1]],"date-time":"2006-04-01T00:00:00Z","timestamp":1143849600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006,4,1]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>While a number of IS security researchers consider the threat posed by employees who perpetrate computer crime, there is currently a lack of insight into how the offender interacts with the criminal context both prior to and during commission. A greater understanding of this relationship may complement existing security practices by possibly highlighting new areas for safeguard implementation. To help facilitate a greater understanding of the offender\/environment dynamic, this paper, therefore, aims to assess the feasibility of applying three criminological theories to the IS security context. Rather than focusing on why people become criminals, these theories entitled routine activity theory, environmental criminology and the rational choice perspective, focus on the criminal act.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>Drawing on an account of the Barings Bank collapse, events highlighted in the case study are used to assess whether concepts central to the theories are supported by the data.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>Analysis indicates support for the concepts central to environmental criminology and the rational choice perspective. While case study evidence supports two of the concepts advanced by routine activity theory, as a whole the theory is found wanting, as the \u201cguardianship\u201d and \u201chandled offender\u201d concepts appear to lack the necessary sophistication to theoretically accommodate and explain supervisory and control failings cited in the case study.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Research limitations\/implications<\/jats:title><jats:p>While future research could encompass continued application of the theories to further assess their suitability for the IS domain, consideration could also be given to the application of the preventive tools and methods which have been developed in tandem with the three criminological approaches. Another stream of future research may involve the application of the theories in conjunction with existing security practices.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Practical implications<\/jats:title><jats:p>Greater knowledge of the offender\/context dynamic may feasibly enhance existing security practices by possibly highlighting new areas for safeguard implementation.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>From an IS security perspective, there is currently a lack of insight into the offender\/context dynamic. The paper presents a group of criminological theories, which have previously not been considered for application in the IS context. The theories may feasibly throw light on the behaviour of offenders in the criminal context, both prior to and during commission.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09593840610673810","type":"journal-article","created":{"date-parts":[[2006,7,4]],"date-time":"2006-07-04T08:46:25Z","timestamp":1152002785000},"page":"170-186","source":"Crossref","is-referenced-by-count":25,"title":["Understanding the offender\/environment dynamic for computer crimes"],"prefix":"10.1108","volume":"19","author":[{"given":"Robert","family":"Willison","sequence":"first","affiliation":[]}],"member":"140","reference":[{"key":"key2022032120144944900_b1","unstructured":"BS ISO\/IEC 17799 (2000), Information Technology \u2013 Code of Practice for Information Security Management, British Standards Institute, London."},{"key":"key2022032120144944900_b2","doi-asserted-by":"crossref","unstructured":"Backhouse, J. and Dhillon, G. (1995), \u201cManaging computer crime: a research outlook\u201d, Computers and Security, Vol. 14 No. 7, pp. 645\u201051.","DOI":"10.1016\/0167-4048(95)00024-0"},{"key":"key2022032120144944900_b3","doi-asserted-by":"crossref","unstructured":"Becker, J. (1982), \u201cWho are the computer criminals?\u201d, ACM SIGCAS Computers and Society, Vol. 12 No. 1, pp. 18\u201020.","DOI":"10.1145\/957893.957898"},{"key":"key2022032120144944900_b4","unstructured":"Board of Banking Supervision (1995), Report of the Board of Banking Supervision Inquiry into the Circumstances of the Collapse of Barings, HMSO, London."},{"key":"key2022032120144944900_b5","unstructured":"Bottoms, A. and Wiles, P. (2002), \u201cEnvironmental criminology\u201d, in Maguire, M., Morgan, R. and Reiner, R. (Eds), The Oxford Handbook of Criminology, 3rd ed., Oxford University Press, Oxford, pp. 620\u201056."},{"key":"key2022032120144944900_b6","unstructured":"Brantingham, P. and Brantingham, P. (1984), Patterns in Crime, Macmillan, London."},{"key":"key2022032120144944900_b7","unstructured":"Brantingham, P. and Brantingham, P. (1991), Environmental Criminology, 2nd ed., Waveland Press, Prospect Heights, IL."},{"key":"key2022032120144944900_b8","doi-asserted-by":"crossref","unstructured":"Campbell, M. (1988), \u201cEthics and computer security: cause and effect\u201d, Proceedings of the 1988 ACM Sixteenth Annual Conference on Computer Science, Atlanta, GA.","DOI":"10.1145\/322609.322781"},{"key":"key2022032120144944900_b9","doi-asserted-by":"crossref","unstructured":"Cardinali, R. (1995), \u201cReinforcing our moral vision: examining the relationship between unethical behaviour and computer crime\u201d, Work Study, Vol. 44 No. 8, pp. 11\u201017.","DOI":"10.1108\/00438029510147745"},{"key":"key2022032120144944900_b10","unstructured":"Clarke, R. (1992), \u201cIntroduction\u201d, in Clarke, R. (Ed.), Situational Crime Prevention: Successful Case Studies, Harrow and Heston, Albany, NY, pp. 3\u201036."},{"key":"key2022032120144944900_b11","doi-asserted-by":"crossref","unstructured":"Clarke, R. (1995), \u201cSituational crime prevention\u201d, in Tonry, M. and Farrington, D. (Eds), Crime and Justice: A Review of Research,Vol. 19, University of Chicago Press, Chicago, IL, pp. 91\u2010150.","DOI":"10.1086\/449230"},{"key":"key2022032120144944900_b12","unstructured":"Clarke, R. (1997), \u201cIntroduction\u201d, in Clarke, R. (Ed.), Situational Crime Prevention: Successful Case Studies, 2nd ed., Harrow and Heston, Albany, NY, pp. 2\u201044."},{"key":"key2022032120144944900_b13","unstructured":"Clarke, R. and Cornish, D. (1985), \u201cModelling offender's decisions: a framework for policy and research\u201d, in Tonry, M. and Morris, N. (Eds), Crime and Justice: An Annual Review of Research,Vol. 6, University of Chicago Press, Chicago, IL, pp. 147\u201085."},{"key":"key2022032120144944900_b14","unstructured":"Clarke, R. and Cornish, D. (2001), \u201cRational choice\u201d, in Paternoster, R. and Bachman, R. (Eds), Explaining Crime and Criminals: Essays in Contemporary Criminological Theory, Roxbury Publishing Company, Los Angeles, CA, pp. 23\u201042."},{"key":"key2022032120144944900_b15","doi-asserted-by":"crossref","unstructured":"Cohen, L. and Felson, M. (1979), \u201cSocial change and crime rate trends: a routine activity approach\u201d, American Sociological Review, Vol. 44 No. 4, pp. 588\u2010608.","DOI":"10.2307\/2094589"},{"key":"key2022032120144944900_b16","unstructured":"Cornish, D. (1994), \u201cThe procedural analysis of offending and its relevance for situational prevention\u201d, in Clarke, R. (Ed.), Crime Prevention Studies,Vol. 3, Criminal Justice Press, Monsey, NY, pp. 151\u201096."},{"key":"key2022032120144944900_b17","unstructured":"Cornish, D. and Clarke, R. (1986), \u201cSituational prevention, displacement of crime and rational choice theory\u201d, in Heal, K. and Laycock, G. (Eds), Situational Crime Prevention: From Theory into Practice, HMSO, London, pp. 1\u201016."},{"key":"key2022032120144944900_b18","doi-asserted-by":"crossref","unstructured":"Dhillon, G. and Moores, S. (2001), \u201cComputer crimes: theorizing about the enemy within\u201d, Computers and Security, Vol. 20 No. 8, pp. 715\u201023.","DOI":"10.1016\/S0167-4048(01)00813-6"},{"key":"key2022032120144944900_b19","doi-asserted-by":"crossref","unstructured":"Dhillon, G., Silva, L. and Backhouse, J. (2004), \u201cComputer crime at CEFORMA: a case study\u201d, International Journal of Information Management, Vol. 24 No. 6, pp. 551\u201061.","DOI":"10.1016\/j.ijinfomgt.2004.08.009"},{"key":"key2022032120144944900_b20","doi-asserted-by":"crossref","unstructured":"Dufala, D. (1976), \u201cConvenience stores: Armed Robbery and physical environmental features\u201d, American Behavioral Scientist, Vol. 20, pp. 227\u201046.","DOI":"10.1177\/000276427602000205"},{"key":"key2022032120144944900_b21","unstructured":"Fay, S. (1996), The Collapse of Barings, Richard Cohen Books, London."},{"key":"key2022032120144944900_b22","doi-asserted-by":"crossref","unstructured":"Felson, M. (1986), \u201cLinking criminal choices, routine activities, informal control, and criminal outcomes\u201d, in Cornish, D. and Clarke, R. (Eds), The Reasoning Criminal: Rational Choice Perspectives on Offending, Springer\u2010Verlag, New York, NY, pp. 119\u201028.","DOI":"10.1007\/978-1-4613-8625-4_8"},{"key":"key2022032120144944900_b23","unstructured":"Gardner, H. (1985), The Mind's New Science: A History of the Cognitive Revolution, Basic Books, New York, NY."},{"key":"key2022032120144944900_b24","doi-asserted-by":"crossref","unstructured":"Harrington, S. (1995), \u201cComputer crime and abuse by IS employees\u201d, Journal of Systems Management, Vol. 46 No. 2, pp. 6\u201011.","DOI":"10.1016\/0142-0496(95)80064-6"},{"key":"key2022032120144944900_b25","doi-asserted-by":"crossref","unstructured":"Harrington, S. (1996), \u201cThe effects of ethics and personal denial of responsibility on computer abuse judgements and intentions\u201d, MIS Quarterly, Vol. 20 No. 3, pp. 257\u201077.","DOI":"10.2307\/249656"},{"key":"key2022032120144944900_b26","unstructured":"Hirschi, T. (1969), Causes of Delinquency, University of California Press, Los Angeles, CA."},{"key":"key2022032120144944900_b27","unstructured":"Hoffer, J. and Straub, D. (1989), \u201cThe 9 to 5 underground: are you policing computer crimes?\u201d, Sloan Management Review, Vol. 30 No. 4, pp. 35\u201043."},{"key":"key2022032120144944900_b28","doi-asserted-by":"crossref","unstructured":"Kesar, S. and Rogerson, S. (1998), \u201cDeveloping ethical practices to minimize computer misuse\u201d, Social Science Computer Review, Vol. 16 No. 3, pp. 240\u201051.","DOI":"10.1177\/089443939801600302"},{"key":"key2022032120144944900_b29","unstructured":"Parker, D. (1976), Crime by Computer, Charles Scribner's Sons, New York, NY."},{"key":"key2022032120144944900_b30","unstructured":"Parker, D. (1981), Computer Security Management, Reston Publishing Company Inc., Reston, VA."},{"key":"key2022032120144944900_b31","unstructured":"Parker, D. (1998), Fighting Computer Crime: A New Framework for Protecting Information, Wiley Computer Publishing, New York, NY."},{"key":"key2022032120144944900_b32","unstructured":"Schank, R. and Abelson, R. (1977), Scripts, Plans, Goals and Understanding: An Inquiry into Human Knowledge, Erlbaum, Hillsdale, NJ."},{"key":"key2022032120144944900_b33","unstructured":"Shaw, E., Ruby, K., Jerrold, M. and Post, M. (1998), \u201cThe insider threat to information systems\u201d, Security Awareness Bulletin, Vol. 2, pp. 27\u201046."},{"key":"key2022032120144944900_b34","doi-asserted-by":"crossref","unstructured":"Sherizen, S. (1995), \u201cCan computer crime be deterred?\u201d, Security Journal, Vol. 6 No. 2, pp. 177\u201081.","DOI":"10.1016\/0955-1662(94)00121-9"},{"key":"key2022032120144944900_b35","doi-asserted-by":"crossref","unstructured":"Straub, D. (1990), \u201cEffective IS security: an empirical study\u201d, Information Systems Research, Vol. 1 No. 3, pp. 255\u201076.","DOI":"10.1287\/isre.1.3.255"},{"key":"key2022032120144944900_b36","doi-asserted-by":"crossref","unstructured":"Straub, D. and Nance, W. (1990), \u201cDiscovering and disciplining computer abuse in organisations: a field study\u201d, MIS Quarterly, Vol. 14 No. 1, pp. 45\u201060.","DOI":"10.2307\/249307"},{"key":"key2022032120144944900_b37","doi-asserted-by":"crossref","unstructured":"Straub, D. and Welke, R. (1998), \u201cCoping with systems risks: security planning models for management decision making\u201d, MIS Quarterly, Vol. 22 No. 4, pp. 441\u201069.","DOI":"10.2307\/249551"},{"key":"key2022032120144944900_b38","doi-asserted-by":"crossref","unstructured":"Willison, R. (2000), \u201cReducing computer fraud through situational crime prevention\u201d, in Qing, S. and Eloff, J. (Eds), Information Security for Global Information Infrastructures, Kluwer Academic Press, Boston, MA, pp. 99\u2010109.","DOI":"10.1007\/978-0-387-35515-3_11"},{"key":"key2022032120144944900_b39","unstructured":"Willison, R. (2002), \u201cOpportunities for computer abuse: assessing a crime specific approach in the case of Barings Bank\u201d, unpublished PhD thesis, London School of Economics and Political Science, London."},{"key":"key2022032120144944900_b40","unstructured":"Willison, R. (2005), \u201cConsidering the offender: addressing the procedural stages of computer crime in an organisational context\u201d, Working Paper No. 9, Department of Informatics, Copenhagen Business School, Copenhagen."},{"key":"key2022032120144944900_b41","unstructured":"Wood, B. (2002), \u201cAn insider threat model for adversary simulation\u201d, Research on Mitigating the Insider Threat to Information Systems \u2013 #2, Proceedings of a Workshop held by RAND, SRI International, Menlo Park, CA."}],"container-title":["Information Technology &amp; People"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09593840610673810","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09593840610673810\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09593840610673810\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:36:48Z","timestamp":1753403808000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/itp\/article\/19\/2\/170-186\/184459"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,4,1]]},"references-count":41,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2006,4,1]]}},"alternative-id":["10.1108\/09593840610673810"],"URL":"https:\/\/doi.org\/10.1108\/09593840610673810","relation":{},"ISSN":["0959-3845"],"issn-type":[{"value":"0959-3845","type":"print"}],"subject":[],"published":{"date-parts":[[2006,4,1]]}}}