Location

67.303

Start Date

6-12-2016 2:00 PM

End Date

6-12-2016 2:30 PM

Presentation Type

Paper

Description

Abstract: This paper reports on an evaluation of the test-retest reliability and internal consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q), a measure designed to capture an individual’s knowledge, attitude and self-reported behaviour towards information security in the workplace. The analyses focused on responses from 197 working Australians, who completed two iterations of the HAIS-Q, approximately four weeks apart. The HAIS-Q showed significant test-retest correlations and has high internal reliability levels. The results of this study demonstrated that the HAIS-Q possesses both external reliability and internal consistency, and can therefore be used as a reliable measure of information security awareness. The HAIS-Q can be used within organisations to measure the effectiveness and impacts of training interventions, information security awareness programs and to determine the impact of security incidents and cultural changes.

Share

COinS
 
Dec 6th, 2:00 PM Dec 6th, 2:30 PM

Test-retest reliability and internal consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q)

67.303

Abstract: This paper reports on an evaluation of the test-retest reliability and internal consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q), a measure designed to capture an individual’s knowledge, attitude and self-reported behaviour towards information security in the workplace. The analyses focused on responses from 197 working Australians, who completed two iterations of the HAIS-Q, approximately four weeks apart. The HAIS-Q showed significant test-retest correlations and has high internal reliability levels. The results of this study demonstrated that the HAIS-Q possesses both external reliability and internal consistency, and can therefore be used as a reliable measure of information security awareness. The HAIS-Q can be used within organisations to measure the effectiveness and impacts of training interventions, information security awareness programs and to determine the impact of security incidents and cultural changes.