{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,26]],"date-time":"2025-12-26T13:07:31Z","timestamp":1766754451080,"version":"3.41.2"},"reference-count":28,"publisher":"Emerald","issue":"2","license":[{"start":{"date-parts":[[2017,6,12]],"date-time":"2017-06-12T00:00:00Z","timestamp":1497225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2017,6,12]]},"abstract":"\nPurpose<\/jats:title>\nThis paper aims to contribute to the understanding of goal setting in organizations, especially regarding the mitigation of conflicting productivity and security goals.<\/jats:p>\n<\/jats:sec>\n\nDesign\/methodology\/approach<\/jats:title>\nThis paper describes the results of a survey with 200 German employees regarding the effects of goal setting on employees\u2019 security compliance. Based on the survey results, a concept for setting information security goals in organizations building on actionable behavioral recommendations from information security awareness materials is developed. This concept was evaluated in three small- to medium-sized organizations (SMEs) with overall 90 employees.<\/jats:p>\n<\/jats:sec>\n\nFindings<\/jats:title>\nThe survey results revealed that the presence of rewards for productivity goal achievement is strongly associated with a decrease in security compliance. The evaluation of the goal setting concept indicates that setting their own information security goals is welcomed by employees.<\/jats:p>\n<\/jats:sec>\n\nResearch limitations\/implications<\/jats:title>\nBoth studies rely on self-reported data and are, therefore, likely to contain some kind of bias.<\/jats:p>\n<\/jats:sec>\n\nPractical implications<\/jats:title>\nGoal setting in organizations has to accommodate for situations, where productivity goals constrain security policy compliance. Introducing the proposed goal setting concept based on relevant actionable behavioral recommendations can help mitigate issues in such situations.<\/jats:p>\n<\/jats:sec>\n\nOriginality\/value<\/jats:title>\nThis work furthers the understanding of the factors affecting employee security compliance. Furthermore, the proposed concept can help maximizing the positive effects of goal setting in organizations by mitigating the negative effects through the introduction of meaningful and actionable information security goals.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-03-2017-0014","type":"journal-article","created":{"date-parts":[[2017,4,27]],"date-time":"2017-04-27T07:54:51Z","timestamp":1493279691000},"page":"137-151","source":"Crossref","is-referenced-by-count":12,"title":["Productivity vs security: mitigating conflicting goals in organizations"],"prefix":"10.1108","volume":"25","author":[{"given":"Peter","family":"Mayer","sequence":"first","affiliation":[]},{"given":"Nina","family":"Gerber","sequence":"additional","affiliation":[]},{"given":"Ronja","family":"McDermott","sequence":"additional","affiliation":[]},{"given":"Melanie","family":"Volkamer","sequence":"additional","affiliation":[]},{"given":"Joachim","family":"Vogt","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"issue":"2","key":"key2020120705284128700_ref001","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1016\/0749-5978(91)90020-T","article-title":"The theory of planned behavior","volume":"50","year":"1991","journal-title":"Organizational Behavior and Human Decision Processes"},{"key":"key2020120705284128700_ref002","doi-asserted-by":"crossref","first-page":"122","DOI":"10.1037\/0003-066X.37.2.122","article-title":"Self-efficacy mechanism in human agency","volume":"37","year":"1982","journal-title":"American Psychologist"},{"article-title":"NoPhish: An Anti-Phishing Education App","volume-title":"Security and Trust Management: STM 2014. Lecture Notes in Computer Science","year":"2014","key":"key2020120705284128700_ref003"},{"issue":"5","key":"key2020120705284128700_ref004","doi-asserted-by":"crossref","first-page":"672","DOI":"10.1037\/0021-9010.77.5.672","article-title":"Quality and quantity goals in a complex decision task: strategies and outcomes","volume":"77","year":"1992","journal-title":"Journal of Applied Psychology"},{"issue":"7","key":"key2020120705284128700_ref005","doi-asserted-by":"crossref","first-page":"675","DOI":"10.1177\/0146167298247001","article-title":"The joint effects of target and purpose goals on intrinsic motivation: a mediational analysis","volume":"24","year":"1998","journal-title":"Personality and Social Psychology Bulletin"},{"issue":"4","key":"key2020120705284128700_ref006","doi-asserted-by":"crossref","first-page":"615","DOI":"10.1111\/j.1540-5915.2012.00361.x","article-title":"Managing employee compliance with information security policies: the critical role of top management and organizational culture","volume":"43","year":"2012","journal-title":"Decision Sciences Journal"},{"issue":"1","key":"key2020120705284128700_ref007","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1016\/j.cose.2011.10.007","article-title":"Understanding information systems security policy compliance: an integration of the theory of planned behavior and the protection motivation theory","volume":"31","year":"2012","journal-title":"Computers & Security"},{"key":"key2020120705284128700_ref008","unstructured":"Keyfacts Online Access Panel (2016), available at: www.keyfacts-gmbh.de (accessed 15 January 2016)."},{"volume-title":"Punished by Rewards: The Trouble with Gold Stars, Incentive Plans, A\u2019s, Praise, and Other Bribes","year":"1999","key":"key2020120705284128700_ref009"},{"key":"key2020120705284128700_ref010","first-page":"509","article-title":"NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks","volume-title":"INFORMATIK 2016, Lecture Notes in Informatics (LNI)","year":"2016"},{"key":"key2020120705284128700_ref011","doi-asserted-by":"crossref","first-page":"753","DOI":"10.1037\/0021-9010.73.4.753","article-title":"Resolving scientific disputes by the joint design of crucial experiments by the antagonists: application to the Erez\u2013Latham dispute regarding participation in goal setting","volume":"73","year":"1988","journal-title":"Journal of Applied Psychology"},{"key":"key2020120705284128700_ref012","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1016\/S0378-7206(02)00043-5","article-title":"\u201cAIMQ: a methodology for information quality assessment\u201c","volume":"40","year":"2002","journal-title":"Information & Management"},{"volume-title":"A Theory of Goal Setting and Task Performance","year":"1990","key":"key2020120705284128700_ref013"},{"issue":"9","key":"key2020120705284128700_ref014","doi-asserted-by":"crossref","first-page":"705","DOI":"10.1037\/0003-066X.57.9.705","article-title":"Building a practically useful theory of goal setting and task motivation: a 35-year odyssey","volume":"57","year":"2002","journal-title":"American Psychologist"},{"key":"key2020120705284128700_ref016","doi-asserted-by":"crossref","first-page":"152","DOI":"10.1037\/0021-9010.74.1.152","article-title":"\u201cOrganizational commitment and job performance: it\u2019s nature of the commitment that counts\u201d","volume":"74","year":"1989","journal-title":"Journal of Applied Psychology"},{"key":"key2020120705284128700_ref017","unstructured":"oFb - der onlineFragebogen (2016), available at: www.soscisurvey.de (accessed 22 October 2015)."},{"first-page":"156","article-title":"\u201cEmployees\u2019 behavior towards IS security policy compliance","year":"2007","key":"key2020120705284128700_ref018"},{"issue":"1","key":"key2020120705284128700_ref019","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1026\/\/0932-4089.46.1.22","article-title":"Effekte zielorientierter F\u00fchrungssysteme \u2013 Entwicklung und Validierung des Zielvereinbarungsbogens (ZVB)","volume":"46","year":"2002","journal-title":"Zeitschrift f\u00fcr Arbeits- und Organiationspsychologie"},{"issue":"1","key":"key2020120705284128700_ref020","doi-asserted-by":"crossref","first-page":"68","DOI":"10.1037\/0003-066X.55.1.68","article-title":"Self-determination theory and the facilitation of intrinsic motivation, social development, and well-being","volume":"55","year":"2000","journal-title":"American Psychologis"},{"issue":"2","key":"key2020120705284128700_ref021","first-page":"93","article-title":"Psychometrische Eigenschaften und Validit\u00e4t einer deutschen Fassung des \u2018Commitment\u2019-Fragebogens von Allen und Meyer (1990)","volume":"19","year":"1998","journal-title":"Zeitschrift f\u00fcr Differentielle und Diagnostische Psychologie"},{"article-title":"A review of the theory of planned behaviour in the context of information security policy compliance\u201d","volume-title":"Security and Privacy Protection in Information Processing Systems","year":"2013","key":"key2020120705284128700_ref022"},{"issue":"1","key":"key2020120705284128700_ref023","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1108\/IMCS-08-2012-0045","article-title":"Variables influencing information security policy compliance: a systematic review of quantitative studies","volume":"22","year":"2014","journal-title":"Information Management & Computer Security"},{"first-page":"135","article-title":"Teaching Phishing-Security: which way is best?","year":"2016","key":"key2020120705284128700_ref024"},{"issue":"6","key":"key2020120705284128700_ref025","doi-asserted-by":"crossref","first-page":"1228","DOI":"10.1037\/0021-9010.90.6.1228","article-title":"\u201cOrganizational error management culture and its impact on performance: a two-study replication\u201d","volume":"90","year":"2005","journal-title":"Journal of Applied Psychology"},{"issue":"2","key":"key2020120705284128700_ref026","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1016\/j.obhdp.2013.07.006","article-title":"\u201cThe dark side of consecutive high performance goals: linking goal setting, depletion, and unethical behavior\u201d","volume":"123","year":"2014","journal-title":"Organizational Behavior and Human Decision Processes"},{"key":"key2020120705284128700_ref027","unstructured":"Wilson, M. and Hash, J. (2003), \u201cBuilding an information technology security awareness and training program\u201d, National Institute of Standards and Technology, available at: http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-50\/NIST-SP800-50.pdf (accessed 15 March 2015)."},{"issue":"7","key":"key2020120705284128700_ref028","doi-asserted-by":"crossref","first-page":"993","DOI":"10.1177\/0018726713483630","article-title":"\u201cHow can companies decrease the disruptive effects of stretch goals? The moderating role of interpersonal- and informational- justice climates\u201c","volume":"66","year":"2013","journal-title":"Human Relations"},{"key":"key2020120705284128700_ref029","first-page":"293","article-title":"Participation in decision- making: an information exchange perspective","volume-title":"Research in Personnel and Human Resources Management","year":"1997"}],"container-title":["Information & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-03-2017-0014\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-03-2017-0014\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:22:45Z","timestamp":1753406565000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/25\/2\/137-151\/110963"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,6,12]]},"references-count":28,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2017,6,12]]}},"alternative-id":["10.1108\/ICS-03-2017-0014"],"URL":"https:\/\/doi.org\/10.1108\/ics-03-2017-0014","relation":{},"ISSN":["2056-4961"],"issn-type":[{"type":"print","value":"2056-4961"}],"subject":[],"published":{"date-parts":[[2017,6,12]]}}}