{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T05:29:00Z","timestamp":1769146140533,"version":"3.49.0"},"reference-count":40,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2013,3,15]],"date-time":"2013-03-15T00:00:00Z","timestamp":1363305600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,3,15]]},"abstract":"Purpose<\/jats:title>The purpose of this paper is to highlight the relation of psychosocial risks to information security (IS). Although psychosocial risks at the workplace have been extensively researched from a managerial point of view, their effect on IS has not been formally studied to the extent required by the gravity of the topic.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>Based on existing research on psychosocial risks, their potential effects on IS are examined.<\/jats:p><\/jats:sec>Findings<\/jats:title>It is shown that as psychosocial risks affect people at the workplace, they diminish their ability to defend IS.<\/jats:p><\/jats:sec>Research limitations\/implications<\/jats:title>Psychosocial risks are identified as a factor in IS breakdown. Future research should be directed towards assessing the significance of the effects of various psychosocial risks on IS, creating an assessment methodology for the resulting IS posture of the organisation and devising mitigation methodologies.<\/jats:p><\/jats:sec>Practical implications<\/jats:title>The proposed approach will provide a significant part of the answer to the question of why IS fails when all prescribed measures and controls are in place and active. More effective controls for psychosocial risks at the workplace can be created as the incentive of upholding IS will be added to the equation of their mitigation.<\/jats:p><\/jats:sec>Social implications<\/jats:title>The organisational environment in which human beings are called upon to function in a secure manner will be redefined, along with what constitutes a \u201creasonable request\u201d from human operators in the context of IS.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>Bringing together psychosocial risks and IS in research will provide a better understanding of the shortcomings of human nature with respect to IS. Organisations and employees will benefit from the resulting psychosocial risk mitigation.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685221311314428","type":"journal-article","created":{"date-parts":[[2013,3,25]],"date-time":"2013-03-25T11:54:08Z","timestamp":1364212448000},"page":"53-65","source":"Crossref","is-referenced-by-count":11,"title":["Psychosocial risks"],"prefix":"10.1108","volume":"21","author":[{"given":"Evangelos D.","family":"Frangopoulos","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mariki M.","family":"Eloff","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lucas M.","family":"Venter","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2022012820153622200_b1","unstructured":"Brun, J.\u2010P. (2003), La Sant\u00e9 Psychologique au Travail\u2026 de la D\u00e9finition du Probl\u00e8me aux Solutions, Universit\u00e9 Laval\/IRSST, Qu\u00e9bec."},{"key":"key2022012820153622200_b2","doi-asserted-by":"crossref","unstructured":"Carlotto, M.S. (2010), \u201cFatores de risco do tecnoestresse em trabalhadores que utilizam tecnologias de informa\u00e7\u00e3o e comunica\u00e7\u00e3o\u201d, Estud. psicol. (Natal), Vol. 15 No. 3, pp. 319\u201024, available at: www.scielo.br\/scielo.php?script=sci_arttext&pid=S1413\u2010294X2010000300012&lng=en&nrm=iso (accessed 20 February 2012).","DOI":"10.1590\/S1413-294X2010000300012"},{"key":"key2022012820153622200_b3","unstructured":"Cifre, E., Salanova, M., Mart\u00ednez\u2010P\u00e9rez, M.D., Mart\u00ednez, I., Llorens, S. and Grau, R. (2004), \u201cDeveloping a new tool to assess specific psychosocial risks among teleworkers: the RED\u2010TT questionnaire\u201d, Proceedings of the Third International Conference on Occupational Risk Prevention (ORP2004)."},{"key":"key2022012820153622200_b4","unstructured":"Cooper, C.L. (1994), \u201cThe costs of healthy work organizations\u201d, in Cooper, C.L. and Williams, S. (Eds), Creating Healthy Working Organizations, Wiley, Chichester, pp. 1\u20105, cited in Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris."},{"key":"key2022012820153622200_b5","unstructured":"Cooper, C.L., Liukkonen, P. and Cartwright, S. (1997), Stress Prevention in the Workplace, Assessing the Costs and Benefits for Organisations, European Foundation for the Improvement of Living and Working Conditions, Dublin."},{"key":"key2022012820153622200_b6","unstructured":"Cox, T. (1993), Stress Research and Stress Management: Putting Theory to Work, Health & Safety Executive Contract Research Report No. 61\/1993, HSE Books, London."},{"key":"key2022012820153622200_b7","doi-asserted-by":"crossref","unstructured":"Cox, T., Griffiths, A. and Randall, R. (2003), \u201cA risk management approach to the prevention of work stress\u201d, in Schabracq, M., Winnubst, J. and Cooper, C. (Eds), The Handbook of Work and Health Psychology, Chapter 10, Wiley, Chichester, pp. 191\u2010206.","DOI":"10.1002\/0470013400.ch10"},{"key":"key2022012820153622200_b9","doi-asserted-by":"crossref","unstructured":"Da Veiga, A. and Eloff, J.H.P. (2010), \u201cA framework and assessment instrument for information security culture\u201d, Computers & Security, Vol. 29 No. 2, pp. 196\u2010207.","DOI":"10.1016\/j.cose.2009.09.002"},{"key":"key2022012820153622200_b10","unstructured":"EASHW (2002), European Week 2002: Preventing Psychosocial Risks at Work, European Agency for Health and Safety at Work, available at: http:\/\/ew2002.osha.europa.eu\/, cited in Leka, S. and Cox, T. (Eds) (2008). The European Framework for Psychosocial Risk Management: PRIMA\u2010EF, I\u2010WHO Publications, Nottingham."},{"key":"key2022012820153622200_b11","unstructured":"EASHW (2007), Expert Forecast on Emerging Psychosocial Risks Related to Occupational Safety and Health, Office for Official Publications of the European Communities, European Agency for Health and Safety at Work, Luxembourg, cited in Leka, S. and Cox, T. (Eds) (2008), The European Framework for Psychosocial Risk Management: PRIMA\u2010EF, I\u2010WHO Publications, Nottingham."},{"key":"key2022012820153622200_b12","unstructured":"Frangopoulos, E.D. (2007), \u201cSocial engineering and the ISO\/IEC 17799:2005 security standard: a study on effectiveness\u201d, MSc dissertation, University of South Africa, Pretoria."},{"key":"key2022012820153622200_b13","unstructured":"Frangopoulos, E.D., Eloff, M.M. and Venter, L.M. (2008), \u201cSocial aspects of information security\u201d, Peer\u2010Reviewed Proceedings of the ISSA 2008 Innovative Minds Conference."},{"key":"key2022012820153622200_b14","unstructured":"Frangopoulos, E.D., Eloff, M.M. and Venter, L.M. (2010), \u201cPsychological considerations in social engineering \u2013 the \u03a8\u2010wall as defense\u201d, IADIS International Journal on Computer Science and Information Systems, Vol. 5 No. 2, pp. 1\u201020."},{"key":"key2022012820153622200_b15","unstructured":"Friedman, H.H. and Amoo, T. (1999), \u201cRating the rating scales\u201d, Journal of Marketing Management, Vol. 9 No. 3, pp. 114\u201023."},{"key":"key2022012820153622200_b16","unstructured":"Gagn\u00e9, A., Muldner, K. and Beznosovet, K. (2008), \u201cIdentifying difference between security and other IT professionals: a qualitative analysis\u201d, Proceedings of the Second International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), pp. 69\u201079."},{"key":"key2022012820153622200_b18","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L. and Frincke, D.A. (2010), \u201cCombining traditional cyber security audit data with psychosocial data: towards predictive modeling for insider threat mitigation\u201d, in Probst, C.W., Hunker, J., Gollmann, D. and Bishop, M. (Eds), Insider Threats in Cyber Security, Springer, New York, NY.","DOI":"10.1007\/978-1-4419-7133-3_5"},{"key":"key2022012820153622200_b19","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L. and Hohimer, R.E. (2011), \u201cModeling human behavior to anticipate insider attacks\u201d, Journal of Strategic Security, Vol. IV No. 2, pp. 25\u201048.","DOI":"10.5038\/1944-0472.4.2.2"},{"key":"key2022012820153622200_b17","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L., Noonan, C.F., Kangas, L.J. and Dalton, A.C. (2010), Identifying At\u2010risk Employees: A Behavioral Model for Predicting Potential Insider Threats, PNNL 19665, available at: www.pnl.gov\/main\/publications\/external\/technical_re\u2010ports\/PNNL\u201019665.pdf (accessed 24 February 2012).","DOI":"10.2172\/1000159"},{"key":"key2022012820153622200_b20","unstructured":"Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris."},{"key":"key2022012820153622200_b21","unstructured":"Heskett, J.L., Sasser, W.E. and Schlesinger, L.A. (1997), The Service Pro\ufb01t Chain: How Leading Companies Link Pro\ufb01t and Growth to Loyalty Satisfaction, and Value, The Free Press, New York, NY, cited in Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris."},{"key":"key2022012820153622200_b22","unstructured":"ILO (1986), Psychosocial factors at work: recognition and control, Occupational Safety and Health Series No. 56, International Labour Office, International Labour Organisation, Geneva."},{"key":"key2022012820153622200_b23","unstructured":"ILO (1998), Technical and ethical guidelines for workers' health surveillance, Occupational Safety and Health Series No. 72, International Labour Office, International Labour Organisation, Geneva."},{"key":"key2022012820153622200_b24","unstructured":"ILO (2012), Stress Prevention at Work Checkpoints: Practical Improvements for Stress Prevention in the Workplace, International Labour Office, International Labour Organisation, Geneva."},{"key":"key2022012820153622200_b25","unstructured":"Larson, W.J., Kirkpatrick, D.H., Sellers, J., Thomas, L.D. and Verma, D. (Eds) (2009), Applied Space Systems Engineering, McGraw\u2010Hill, New York, NY."},{"key":"key2022012820153622200_b26","doi-asserted-by":"crossref","unstructured":"Likert, R. (1974), \u201cThe method of constructing an attitude scale\u201d, in Maranell, G.M. (Ed.), Scaling: A Sourcebook of Behavioral Scientist, Chapter 19, Aldine Publishing, Chicago, IL, pp. 233\u201043.","DOI":"10.4324\/9781315128948-23"},{"key":"key2022012820153622200_b28","doi-asserted-by":"crossref","unstructured":"Mathieu, J.E. and Zajac, D.M. (1990), \u201cA review and meta\u2010analysis of the antecedents, correlates and consequences of organizational commitment\u201d, Psychological Bulletin, Vol. 108 No. 2, pp. 171\u201094, cited in Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris.","DOI":"10.1037\/0033-2909.108.2.171"},{"key":"key2022012820153622200_b29","doi-asserted-by":"crossref","unstructured":"Michie, S. (2002), \u201cCauses and management of stress at work\u201d, Occupational Environmental Medicine, Vol. 59, pp. 67\u201072.","DOI":"10.1136\/oem.59.1.67"},{"key":"key2022012820153622200_b30","doi-asserted-by":"crossref","unstructured":"Probst, T.M., Gold, D. and Caborn, J. (2008), \u201cA preliminary evaluation of SOLVE: addressing psychosocial problems at work\u201d, Journal of Occupational Health Psychology, Vol. 13 No. 1, pp. 32\u201042.","DOI":"10.1037\/1076-8998.13.1.32"},{"key":"key2022012820153622200_b31","doi-asserted-by":"crossref","unstructured":"Schneider, B., Hanges, P.J., Smith, D.B. and Salvaggio, A.N. (2003), \u201cWhich comes first: employee attitudes or organizational, financial and market performance?\u201d, Journal of Applied Psychology, Vol. 88 No. 5, pp. 836\u201051, cited in Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris.","DOI":"10.1037\/0021-9010.88.5.836"},{"key":"key2022012820153622200_b32","unstructured":"Schneier, B. (2004), Secrets and Lies: Digital Security in a Networked World, Wiley, New York, NY."},{"key":"key2022012820153622200_b33","unstructured":"Spector, P.E. (1997), Job Satisfaction: Application, Assessment, Causes, and Consequences, Sage, Thousand Oaks, CA, p. 104, cited in Haubold, B. (2008), Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris."},{"key":"key2022012820153622200_b34","doi-asserted-by":"crossref","unstructured":"Trompeter, C.M. and Eloff, J.H.P. (2001), \u201cA framework for the implementation of socio\u2010ethical controls in information security\u201d, Computers & Security, Vol. 20 No. 5, pp. 384\u201091.","DOI":"10.1016\/S0167-4048(01)00507-7"},{"key":"key2022012820153622200_b35","doi-asserted-by":"crossref","unstructured":"Vandenberg, R.J., Richardson, H.A. and Eastman, L.J. (1999), \u201cThe impact of high involvement work processes on organizational effectiveness: a second order latent variable approach\u201d, Group & Organization Management, Vol. 24 No. 3, pp. 300\u201039, cited in Haubold, B. (2008). Les risques psychosociaux: Identifier, analyser, pr\u00e9venir les risques humains, \u00c9ditions d' Organisation Groupe Eyrolles, Paris.","DOI":"10.1177\/1059601199243004"},{"key":"key2022012820153622200_b36","unstructured":"Verizon (2009), Data Breach Investigation Report, available at: www.verizonbusiness.com\/resources\/executivebriefs\/eb_2009_DBIR_snapshot_en_xg.pdf (accessed 20 February 2012)."},{"key":"key2022012820153622200_b37","unstructured":"Verizon (2010), Data Breach Investigation Report, available at: www.verizonbusiness.com\/resources\/executivesummaries\/es_2010\u2010data\u2010breach\u2010report_en_xg.pdf (accessed 20 February 2012)."},{"key":"key2022012820153622200_b38","unstructured":"Verizon (2011), Data Breach Investigation Report, available at: www.verizonbusiness.com\/resouces\/executivesummary\/es_2011\u2010data\u2010breach\u2010investigations\u2010report_en_xg.pdf (accessed 20 February 2012)."},{"key":"key2022012820153622200_b39","doi-asserted-by":"crossref","unstructured":"Vyhmeister, R., Mondelo, P.R. and Novella, M. (2006), \u201cTowards a model for assessing workers' risks resulting from the implementation of information and communication systems and technologies\u201d, Human Factors and Ergonomics in Manufacturing & Service Industries, Vol. 16 No. 1, pp. 39\u201059.","DOI":"10.1002\/hfm.20044"},{"key":"key2022012820153622200_b40","unstructured":"Webster, S., Buckley, P. and Rose, I. (2007), Psychosocial Working Conditions in Britain in 2007, Health & Safety Executive (HSE), available at: www.hse.gov.uk\/statistics\/pdf\/pwc2007.pdf (accessed 19 February 2012)."},{"key":"key2022012820153622200_frd1","doi-asserted-by":"crossref","unstructured":"Cox, T. and Griffiths, A. (2003), \u201cCommentary III: monitoring the changing organization of work: a commentary\u201d, Sozial\u2010und Pr\u00e4ventivmedizin\/Social and Preventive Medicine, Vol. 48, pp. 354\u20105.","DOI":"10.1007\/s00038-003-0028-z"},{"key":"key2022012820153622200_frd2","doi-asserted-by":"crossref","unstructured":"Leka, S. and Cox, T. (Eds) (2008), The European Framework for Psychosocial Risk Management: PRIMA\u2010EF, I\u2010WHO Publications, Nottingham.","DOI":"10.1037\/e573012012-165"}],"container-title":["Information Management & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685221311314428","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221311314428\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221311314428\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:27Z","timestamp":1753402167000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/21\/1\/53-65\/176355"}},"subtitle":["Can their effects on the security of information systems really be ignored?"],"editor":[{"given":"Steven M.","family":"Furnell","sequence":"first","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2013,3,15]]},"references-count":40,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2013,3,15]]}},"alternative-id":["10.1108\/09685221311314428"],"URL":"https:\/\/doi.org\/10.1108\/09685221311314428","relation":{},"ISSN":["0968-5227"],"issn-type":[{"value":"0968-5227","type":"print"}],"subject":[],"published":{"date-parts":[[2013,3,15]]}}}