Understanding the Perpetration of Employee Computer Crime in the Organisational Context

 While hackers and viruses fuel the IS security concerns for organisations, the problems posed by employee computer crime should not be underestimated.  Indeed, a growing number of IS security researchers have turned their attention to the ‘insider’ threat.  However, to date, there has been a lack of insight into the relationship between the actual behaviour of offenders during the perpetration of computer crime, and the organisational context in which the behaviour takes place.  To address this deficiency, this paper advances two criminological theories, which it is argued can be used to examine the stages an offender must go through in order for a crime to be committed.  In addition, this paper illustrates how the two theories, entitled the Rational Choice Perspective and Situational Crime Prevention, can be applied to the IS domain, thereby offering a theoretical basis on which to analyse the offender/context relationship during the perpetration of computer crime. By so doing, practitioners may use these insights to inform and enhance the selection of safeguards in a bid to improve prevention programmes.