• Information Systems Review
• /
• v.18 no.4
• /
• pp.17-42
• /
• 2016

Information security incidents caused by authorized insiders are increasing in financial firms, and this increase is particularly increased by outsourced contractors. With the increase in outsourcing in financial firms, outsourced contractors having authorized right has become a threat and could violate an organization's information security policy. This study aims to analyze the differences between own employees and outsourced contractors and to determine the factors affecting the violation of information security policy to mitigate information security incidents. This study examines the factors driving employees to violate information security policy in financial firms based on the theory of planned behavior, general deterrence theory, and information security awareness, and the moderating effects of employee type between own employees and outsourced contractors. We used 363 samples that were collected through both online and offline surveys and conducted partial least square-structural equation modeling and multiple group analysis to determine the differences between own employees (246 samples, 68%) and outsourced contractors (117 samples, 32%). We found that the perceived sanction and information security awareness support the information security policy violation attitude and subjective norm, and the perceived sanction does not support the information security policy behavior control. The moderating effects of employee type in the research model were also supported. According to the t-test result between own employees and outsourced contractors, outsourced contractors' behavior control supported information security violation intention but not subject norms. The academic implications of this study is expected to be the basis for future research on outsourced contractors' violation of information security policy and a guide to develop information security awareness programs for outsourced contractors to control these incidents. Financial firms need to develop an information security awareness program for outsourced contractors to increase the knowledge and understanding of information security policy. Moreover, this program is effective for outsourced contractors.

• Korean journal of food and cookery science
• /
• v.23 no.5
• /
• pp.589-600
• /
• 2007

Recently, with the rapid expansion of the franchise restaurants, ensuring food safety has become essential for restaurant growth. Consequently, the need for food safety training and related material is in increasing demand. In this study, we identified potentially hazardous risk factors for ensuring food safety in restaurants through a food safety monitoring tool, and developed training materials for restaurant employees based on the results. The surveyed restaurants, consisting of 6 Korean restaurants and 1 Japanese restaurant were located in Seoul. Their average check was 15,500 won, ranging from 9,000 to 23,000 won. The range of their total space was 297.5 to $1322.4m^2$, and the amount of kitchen space per total area ranged from 4.4 to 30 percent. The mean score for food safety management performance was 57 out of 100 points, with a range of 51 to 73 points. For risk factor analysis, the most frequently cited sanitary violations involved the handwashing methods/handwashing facilities supplies (7.5%), receiving activities (7.5%), checking and recording of frozen/refrigerated foods temperature (0%), holding foods off the floor (0%), washing of fruits and vegetables (42%), planning and supervising facility cleaning and maintaining programs of facilities (50%), pest control (13%), and toilet equipped/cleaned (13%). Base on these results, the main points that were addressed in the hygiene training of restaurant employees included 4 principles and 8 concepts. The four principles consisted of personal hygiene, prevention of food contamination, time/temperature control, and refrigerator storage. The eight concepts included: (1) personal hygiene and cleanliness with proper handwashing, (2) approved food source and receiving management (3) refrigerator and freezer control, (4) storage management, (5) labeling, (6) prevention of food contamination, (7) cooking and reheating control, and (8) cleaning, sanitation, and plumbing control. Finally, a hygiene training manual and poster leaflets were developed as a food safety training materials for restaurants employees.