Abstract/Summary

It is a known fact that some employees misuse the organizational computers to do their personal work such as sending emails, surfing the Internet, chatting, playing games. These activities not only waste productive time of employees but also bring a risk factor to the organization. This affects organizations in the software industry very much as almost all of their employees are connected to the Internet throughout them day./ By introducing an Acceptable Use Policy (AUP) for an organization, it is believed that the computer misuse by its employees could be reduced. In many countries Acceptable Use Policies are used and they have been studied with various perspectives. In Sri Lankan context research on these areas are scarce. This research explored the situation in Sri Lanka with respect to AUPs and their effectiveness./ A descriptive study was carried out to identify the large and medium scale software development organizations that had implemented computer usage guidelines for employees. A questionnaire was used to gather information regarding employee’s usual computer usage behavior. Stratified random sampling was employed to draw a representative sample from the population./ Majority of the organizations have not employed a written guideline on acceptable use of work computers. The study results did not provide evidence to conclude that the presence or non presence of an AUP has a significant difference in computer use behaviors of employees. A significant negative correlation was observed between level of awareness about AUP and misuse. Access to the Internet and organizational settings were identified as significant factors that influence employee computer misuse behavior.