Information security culture - validation of an assessment instrument

Show simple item record

dc.contributor.author Da Veiga, A.
dc.contributor.author Martins, Nico
dc.contributor.author Eloff, Jan H.P.
dc.date.accessioned 2008-05-13T08:48:54Z
dc.date.available 2008-05-13T08:48:54Z
dc.date.issued 2007-04
dc.description.abstract Organisations need to ensure that the interaction among people, as well as between people and information technology (IT) systems, contributes to the protection of information assets. Organisations therefore need to assess their employees' behaviour and attitudes towards the protection of information assets in order to establish whether employee behaviour is an asset or a threat to the protection of information. One approach that organisations could use is to assess whether an acceptable level of information security culture has been inculcated in the organisation and, if not, take corrective action. The aim of this paper is to validate an information security culture assessment instrument. This is achieved by performing a factor and reliability analysis on the data from an information security culture assessment in a financial organisation. The results of the analysis are used to identify areas for improving the information security culture assessment instrument. The study makes a contribution to the existing body of knowledge concerned with the assessment of information security culture and its value for management to ensure the protection of information assets. en
dc.format.extent 167459 bytes
dc.format.mimetype application/pdf
dc.identifier.citation Da Veiga, A, Martins, N & Eloff, JHP 2007, 'Information security culture - validation of an assessment instrument', Southern African Business Review, vol. 11, no. 1, pp. 147-166. [http://www.unisa.ac.za/sabusinessreview] en
dc.identifier.issn 1561-896X
dc.identifier.uri http://hdl.handle.net/2263/5254
dc.language.iso en en
dc.publisher College of Economic and Management Sciences, University of South Africa en
dc.rights College of Economic and Management Sciences, University of South Africa en
dc.subject Information security en
dc.subject Information security culture en
dc.subject Information security awareness en
dc.subject Behaviour en
dc.subject Measure en
dc.subject Assess en
dc.subject Questionnaire en
dc.subject Validity en
dc.subject Reliability en
dc.subject Survey en
dc.subject.lcsh Leaks (Disclosure of information)
dc.subject.lcsh Confidential business information -- South Africa
dc.subject.lcsh Employees -- Attitudes
dc.title Information security culture - validation of an assessment instrument en
dc.type Article en


Files in this item

This item appears in the following Collection(s)

Show simple item record