指導教授：許瑋元臺灣大學：資訊管理學研究所魏良丞Wei, Liang-ChengLiang-ChengWei2014-11-292018-06-292014-11-292018-06-292014http://ntur.lib.ntu.edu.tw//handle/246246/263517近年來資訊安全事件層出不窮。許多企業組織因資料外洩而蒙受鉅額損失。追究其原因，發現內部人員行為是非常關鍵的一環。現今已有諸多的內部控制制度(例如:資訊存取權限控管、電腦監控、教育訓練等)被廣泛使用來對抗組織內部的員工疏失與惡意犯罪行為。然而，沒有一個對策手段能夠百分之百地防範所有潛藏的違規事件。有的時候，違規事件的發現者會是組織內部的其他成員，因此組織需要倚賴這些人的揭弊才能夠及早修正會侵害到組織資訊安全的不當行為。為了探討影響員工舉發資訊安全違規事件之意圖，本研究以一般計畫行為理論與理性選擇理論為基礎，歸納出組織層次與個人層次上影響舉發態度與意圖之因素。研究結果發現組織與個人層次的利弊考量皆會影響舉發態度的形塑過程，進而提升了我們在應用員工舉發於對抗組織內部資訊安全違規事件上的認知。Insider abuse has always been a significant threat to information security management in organizations. In order to address this issue, this research proposes whistleblowing as another complementary measure to other existent approaches to strengthen the internal information security management. In particular, we focus on an investigation of employee intention to whistle-blow information security policy (ISP) violation. Drawing on the theory of planned behavior and rational choice theory, we develop a theoretical model to understand the factors at both organizational and individual levels that influence whistleblowing attitude and whistleblowing intention. Through a survey-based empirical test, we discover that both altruistic and egoistic concerns are involved in the development of whistleblowing attitudes. The results not only extend our understanding of whistleblowing motivation but also offer managers directions to promote disclosure of internal security breach.謝辭 II 摘要 IV Abstract V Table of Content VI List of Figures VIII List of Tables VIII Chapter 1. Introduction 1 　1.1 Research Background 1 　1.2 Research Motivation and Objective 2 Chapter 2. Literature Review 4 　2.1 Employee Compliance of Information Security Policy 4 　2.2 IT-related Whistleblowing 5 　2.3 Summary of Literature Review 8 Chapter 3. Model 9 　3.1 Theory of Planned Behavior 10 　3.2 Rational Choice Theory 11 　3.3 Altruistic Factors 13 　3.4 Egoistic Factors 14 　　Extrinsic Reward 15 　　Intrinsic Benefit 15 　　Work Retaliation Victimization 16 Chapter 4. Research Methodology 17 　4.1 Survey Design 17 　　Measure Development 17 　　Online Survey Layout 19 　　Pilot Test 20 　4.2 Data Collection 20 　　Sampling Procedure 20 　　Respondent Profile 21 Chapter 5. Analysis and Result 25 　5.1 Measurement Model 25 　　Reflective Measure 25 　　Formative Measure 26 　　Common Method Variance 31 　5.2 Structural Model 32 Chapter 6. Discussion and Implication 35 　6.1 Discussion 35 　6.2 Theoretical Contribution 37 　6.3 Managerial Implication 39 　6.4 Limitations and Future Research Direction 40 Chapter 7. Conclusion 43 References 44 Appendix A: A Thorough Review of Rational Choice Theory 48 Appendix B: Positive Consequences of Whistleblowing to Employing Organization 50 　Employee Problem Resolution 50 　Managerial Problem Resolution 51 　Avoidance of Accountability to External Parties 52 Appendix C: Negative Consequences of Whistleblowing to Employing Organization 54 Appendix D: Questionnaire Items (English) 56 Appendix E: Additional Analysis of Respondents with Whistleblowing Experience 581448634 bytesapplication/pdf論文公開時間：2014/07/29論文使用權限：同意有償授權(權利金給回饋學校)資訊安全違規事件內部舉發資訊安全個人行為研究一般計畫行為理論理性選擇理論thesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/263517/1/ntu-103-R00725052-1.pdf