Information security culture - validation of an assessment instrument
| dc.contributor.author | Da Veiga, A. | |
| dc.contributor.author | Martins, Nico | |
| dc.contributor.author | Eloff, Jan H.P. | |
| dc.date.accessioned | 2008-05-13T08:48:54Z | |
| dc.date.available | 2008-05-13T08:48:54Z | |
| dc.date.issued | 2007-04 | |
| dc.description.abstract | Organisations need to ensure that the interaction among people, as well as between people and information technology (IT) systems, contributes to the protection of information assets. Organisations therefore need to assess their employees' behaviour and attitudes towards the protection of information assets in order to establish whether employee behaviour is an asset or a threat to the protection of information. One approach that organisations could use is to assess whether an acceptable level of information security culture has been inculcated in the organisation and, if not, take corrective action. The aim of this paper is to validate an information security culture assessment instrument. This is achieved by performing a factor and reliability analysis on the data from an information security culture assessment in a financial organisation. The results of the analysis are used to identify areas for improving the information security culture assessment instrument. The study makes a contribution to the existing body of knowledge concerned with the assessment of information security culture and its value for management to ensure the protection of information assets. | en |
| dc.format.extent | 167459 bytes | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.citation | Da Veiga, A, Martins, N & Eloff, JHP 2007, 'Information security culture - validation of an assessment instrument', Southern African Business Review, vol. 11, no. 1, pp. 147-166. [http://www.unisa.ac.za/sabusinessreview] | en |
| dc.identifier.issn | 1561-896X | |
| dc.identifier.uri | http://hdl.handle.net/2263/5254 | |
| dc.language.iso | en | en |
| dc.publisher | College of Economic and Management Sciences, University of South Africa | en |
| dc.rights | College of Economic and Management Sciences, University of South Africa | en |
| dc.subject | Information security | en |
| dc.subject | Information security culture | en |
| dc.subject | Information security awareness | en |
| dc.subject | Behaviour | en |
| dc.subject | Measure | en |
| dc.subject | Assess | en |
| dc.subject | Questionnaire | en |
| dc.subject | Validity | en |
| dc.subject | Reliability | en |
| dc.subject | Survey | en |
| dc.subject.lcsh | Leaks (Disclosure of information) | |
| dc.subject.lcsh | Confidential business information -- South Africa | |
| dc.subject.lcsh | Employees -- Attitudes | |
| dc.title | Information security culture - validation of an assessment instrument | en |
| dc.type | Article | en |