The Development of the Human Aspects of Information Security Questionnaire (HAIS-Q)
نویسندگان
چکیده
The Human Aspects of Information Security Questionnaire (HAIS-Q) is being developed using a hybrid inductive, exploratory approach, for the purpose of evaluating information security threats caused by employees within organisations. This study reports on the conceptual development and pre-testing of the HAIS-Q. Results from 500 Australian employees were then used to examine the reliability of the HAIS-Q, as well as the relationships between knowledge of policy and procedures, attitude towards policy and procedures and behaviour when using a work computer. Results indicate significant, positive relationships between all variables. However, both qualitative and quantitative results indicate the direct influence of knowledge of policy and procedure accounted for far less of the variance in self-reported behaviour than attitude towards policy and procedure. Implications for training and education campaigns and plans for future research to further develop this questionnaire are outlined.
منابع مشابه
Test-retest reliability and internal consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q)
This paper reports on an evaluation of the test-retest reliability and internal consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q), a measure designed to capture an individual’s knowledge, attitude and self-reported behaviour towards information security in the workplace. The analyses focused on responses from 197 working Australians, who completed two iterations of...
متن کاملDetermining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q)
It is increasingly acknowledged that many threats to an organisation’s computer systems can be attributed to the behaviour of computer users. To quantify these human-based information security vulnerabilities, we are developing the Human Aspects of Information Security Questionnaire (HAIS-Q). The aim of this paper was twofold. The first aim was to outline the conceptual development of the HAIS-...
متن کاملNaïve and Accidental Behaviours that Compromise Information Security: What the Experts Think
The aim of the present study was twofold. First it aimed to elicit Information Security (InfoSec) experts’ perceptions about the most important naïve and accidental behaviours that could compromise the InfoSec of an organisation. The second aim was to use these findings to assess the relevance of behaviours that are currently measured by the Human Aspects of Information Security Questionnaire (...
متن کاملThe Information Security Awareness of Bank Employees
This paper presents research that assessed the Information Security Awareness (ISA) of employees of an Australian bank and compared these results with an identical survey of the Australian general workforce. The objective of this study was to establish a form of construct validity, specifically known-groups validity, of the Human Aspects of Information Security Questionnaire (HAIS-Q). For the p...
متن کاملFactors Affecting Planned Human Resource Development in the Iranian Social Security Organization’s Hospitals
Planned Human Resource Development is critical to educating a skilled and efficient workforce. The present study aimed at identifying the main factors of planned human resource development in Iranian Social Security Organization Hospitals. The study is done through analysis of a questionnaire designed after identification of the main variables. Iran Social Security Organisation hospitals (the m...
متن کامل