ALL libraries (COBIB.SI union bibliographic/catalogue database)
-
A systematic review of scales for measuring information security culture [Elektronski vir]Orehek, Špela ; Petrič, GregorPurpose - The concept of information security culture, which recently gained increased attention, aims to comprehensively grasp socio-cultural mechanisms that have an impact on organizational ... security. Different measurement instruments have been developed to measure and assess information security culture using survey-based tools. However, the content, breadth and face validity of these scales vary greatly. This study aims to identify and provide an overview of the scales that are used to measure information security culture and to evaluate the rigor of reported scale development and validation procedures. Design/methodology/approach - Papers that introduce a new or adapt an existing scale of information security culture were systematically reviewed to evaluate scales of information security culture. A standard search strategy was applied to identify 19 relevant scales, which were evaluated based on the framework of 16 criteria pertaining to the rigor of reported operationalization and the reported validity and reliability of the identified scales. Findings - The results show that the rigor with which scales of information security culture are validated varies greatly and that none of the scales meet all the evaluation criteria. Moreover, most of the studies provide somewhat limited evidence of the validation of scales, indicating room for further improvement. Particularly, critical issues seem to be the lack of evidence regarding discriminant and criterion validity and incomplete documentation of the operationalization process. Research limitations/implications - Researchers focusing on the human factor in information security need to reach a certain level of agreement on the essential elements of the concept of information security culture. Future studies need to build on existing scales, address their limitations and gain further evidence regarding the validity of scales of information security culture. Further research should also investigate the quality of definitions and make expert assessments of the content fit between concepts and items. Practical implications - Organizations that aim to assess the level of information security culture among employees can use the results of this systematic review to support the selection of an adequate measurement scale. However, caution is needed for scales that provide limited evidence of validation. Originality/value - This is the first study that offers a critical evaluation of existing scales of information security culture. The results have decision-making value for researchers who intend to conduct survey-based examinations of information security culture.Source: Information and computer security [Elektronski vir]. - ISSN 2056-497X (Vol. 29, no. 1, 2021, str. 133-158)Type of material - e-articlePublish date - 2021Language - englishCOBISS.SI-ID - 45116931
Author
Orehek, Špela |
Petrič, Gregor
Topics
information security culture |
information security |
measurement |
scales |
validity |
systematic review |
surveys |
assessments |
methodology |
meta-analysis
Author | Orehek, Špela ; Petrič, Gregor |
Title | A systematic review of scales for measuring information security culture [Elektronski vir] |
Publication date | 2020-04-12 |
COBISS.SI-ID | 45116931 |
Publication version in repository | Publisher's version |
Publication licence | Creative Commons Attribution 4.0 International |
Embargo | Immediate publication for public |
Project(s) from which the publication was funded
Title | Acronym | Project ID | Funder |
---|---|---|---|
Družboslovna metodologija, statistika in informatika | P5-0168-2022 |
Javna agencija za znanstvenoraziskovalno in inovacijsko dejavnost Republike Slovenije |
Files that belong to the publication
Link |
---|
https://d.cobiss.net/repository/si/files/45116931/123299/Orehek-Petrič_A-systematic-review-of-scales.pdf |
https://repozitorij.uni-lj.si/IzpisGradiva.php?id=124723 |
Shelf entry
Permalink
- URL:
Impact factor
Access to the JCR database is permitted only to users from Slovenia. Your current IP address is not on the list of IP addresses with access permission, and authentication with the relevant AAI accout is required.
Year | Impact factor | Edition | Category | Classification | ||||
---|---|---|---|---|---|---|---|---|
JCR | SNIP | JCR | SNIP | JCR | SNIP | JCR | SNIP |
Select the library membership card:
If the library membership card is not in the list,
add a new one.
DRS, in which the journal is indexed
Database name | Field | Year |
---|
Links to authors' personal bibliographies | Links to information on researchers in the SICRIS system |
---|---|
Orehek, Špela | 50571 |
Petrič, Gregor | 19074 |
Source: Personal bibliographies
and: SICRIS
Select pickup location:
Material pickup by post
Delivery address:
Address is missing from the member's data.
The address retrieval service is currently unavailable, please try again.
By clicking the "OK" button, you will confirm the pickup location selected above and complete the reservation process.
By clicking the "OK" button, you will confirm the above pickup location and delivery address, and complete the reservation process.
By clicking the "OK" button, you will confirm the address selected above and complete the reservation process.
Notification
Automatic login and reservation service currently not available. You can reserve the material on the Biblos portal or try again here later.
Subject headings in COBISS General List of Subject Headings
Select pickup location
The material from the parent unit is free. If the material is delivered to the pickup location from another unit, the library may charge you for this service.
Pickup location | Material status | Reservation |
---|
Reservation in progress
Please wait a moment.
Reservation was successful.
Reservation failed.
Reservation...
Membership card:
Pickup location: