Fertig, TobiasSchütz, AndreasWeber, Kristin2021-12-242021-12-242022-01-04978-0-9981331-5-7http://hdl.handle.net/10125/80267Since the digital age requires interaction with digital services, the information security awareness (ISA) of everyone gets more important than ever. Since the ISA is defined as a set of aspects, it is not enough to increase the knowledge. This work focuses on the aspect of habits. Therefore, we used design science research to create an artifact which allows the automated measurement of habits. The automation can be achieved through a client-server application which tracks the behavior of employees in a GDPR-compliant way and calculates multiple metrics based on the tracked behavior. However, not all of the defined metrics are applicable in every company. Therefore, additional process iterations of the design science research methodology are required.10 pagesengAttribution-NonCommercial-NoDerivatives 4.0 InternationalSecurity and Privacy Aspects of Human-Computer-Interactionsautomated measurementhabitsinformation security awarenessmetricstext10.24251/HICSS.2022.925