Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/64540

About the Measuring of Information Security Awareness: A Systematic Literature Review

File Size Format  
0644.pdf 206.2 kB Adobe PDF View/Open

Item Summary

dc.contributor.author Fertig, Tobias
dc.contributor.author Schütz, Andreas
dc.date.accessioned 2020-01-04T08:32:20Z
dc.date.available 2020-01-04T08:32:20Z
dc.date.issued 2020-01-07
dc.identifier.isbn 978-0-9981331-3-3
dc.identifier.uri http://hdl.handle.net/10125/64540
dc.description.abstract To make employees aware of their important role for information security, companies typically carry out security awareness campaigns. The success and effectiveness of those campaigns has to be measured to justify the budget for example. Therefore, we did a systematic literature review in order to learn how information security awareness (ISA) is measured in theory and practice. We covered published literature as well as unpublished information. The unpublished information was retrieved by interviewing experts of small and medium-sized enterprises. The results showed that ISA is mostly measured via questionnaires. Round about 40 % of the questionnaires are based on the Knowledge-Attitude-Behavior-Model which is itself scientifically weak. According to studies measuring knowledge is not sufficient and,behavior has to be measured. Our results show that the answers of participants in questionnaires often differ from the truth due to wrong perception or social desirability bias. Therefore, behavior should be measured through behavior tests.
dc.format.extent 10 pages
dc.language.iso eng
dc.relation.ispartof Proceedings of the 53rd Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Security and Privacy Aspects of Human-Computer-Interactions
dc.subject assessment
dc.subject information security awareness
dc.subject measuring
dc.subject metrics
dc.title About the Measuring of Information Security Awareness: A Systematic Literature Review
dc.type Conference Paper
dc.type.dcmi Text
dc.identifier.doi 10.24251/HICSS.2020.798
Appears in Collections: Security and Privacy Aspects of Human-Computer-Interactions


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons