{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T16:40:25Z","timestamp":1758818425140},"reference-count":0,"publisher":"IGI Global","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2007,4,1]]},"abstract":"<p>Taking a sequential qualitative-quantitative methodological approach, we propose and test a theoretical model that includes four variables through which top management can positively influence security effectiveness: user training, security culture, policy relevance, and policy enforcement. During the qualitative phase of the study, we generated the model based on textual responses to a series of questions given to a sample of 220 information security practitioners. During the quantitative phase, we analyzed survey data collected from a sample of 740 information security practitioners. After data collection, we analyzed the survey responses using structural equation modeling and found evidence to support the hypothesized model. We also tested an alternative, higher-order factor version of the original model that demonstrated an improved overall fit and general applicability across the various demographics of the sampled data. We then linked the finding of this study to existing top management support literature, general deterrence theory research, and the theoretical notion of the dilemma of the supervisor.<\/p>","DOI":"10.4018\/jisp.2007040103","type":"journal-article","created":{"date-parts":[[2011,2,15]],"date-time":"2011-02-15T18:54:18Z","timestamp":1297796058000},"page":"37-60","source":"Crossref","is-referenced-by-count":32,"title":["Information Security Effectiveness"],"prefix":"10.4018","volume":"1","author":[{"given":"Kenneth J.","family":"Knapp","sequence":"first","affiliation":[{"name":"US Air Force Academy, USA"}]},{"given":"Thomas E.","family":"Marshall","sequence":"additional","affiliation":[{"name":"Auburn University, USA"}]},{"given":"R. Kelly","family":"Rainer Jr.","sequence":"additional","affiliation":[{"name":"Auburn University, USA"}]},{"given":"F. Nelson","family":"Ford","sequence":"additional","affiliation":[{"name":"Auburn University, USA"}]}],"member":"2432","container-title":["International Journal of Information Security and Privacy"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=2460","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T03:56:24Z","timestamp":1654142184000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jisp.2007040103"}},"subtitle":["Conceptualization and Validation of a Theory"],"short-title":[],"issued":{"date-parts":[[2007,4,1]]},"references-count":0,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2007,4]]}},"URL":"https:\/\/doi.org\/10.4018\/jisp.2007040103","relation":{},"ISSN":["1930-1650","1930-1669"],"issn-type":[{"value":"1930-1650","type":"print"},{"value":"1930-1669","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007,4,1]]}}}